Principal Vulnerability Management Analyst

About The Position

Requirements

• Bachelor's degree in computer science, engineering, or another relevant discipline.
• 7+ years of progressive experience in Cyber Security.
• Experience in vulnerability management, with exposure to hybrid on-premises and Azure environments.
• In-depth knowledge of vulnerability management processes and best practices.
• Strong understanding of security technologies applicable to hybrid environments.
• Experience with vulnerability assessment tools, specifically Qualys.
• Familiarity with industry frameworks related to vulnerability management (e.g., CVE, CVSS).
• Excellent analytical and problem-solving skills.
• Persuasive communication and collaboration skills.
• Ability to adapt to changing technologies and environments.
• Must have smartphones that meet Company security standards with the ability to install apps such as Microsoft Authenticator.

Nice To Haves

• Experience with Qualys VMDR or similar vulnerability management platforms preferred.
• Relevant certifications (e.g., CISSP, CEH, Qualys Certified Specialist) are a plus.

Responsibilities

• Lead the design and implementation of vulnerability management solutions across multiple business units in hybrid environments.
• Develop and maintain a comprehensive Vulnerability Management Program, emphasizing core capabilities and leveraging Qualys VMDR product offerings.
• Identify and evaluate vulnerability management solutions suitable for on-premises and cloud environments.
• Establish vulnerability management reference architecture across hybrid infrastructures, ensuring alignment with industry standards and best practices.
• Conduct regular vulnerability assessment scans and prioritize remediation efforts based on risk analysis.
• Continuously improve key risk indicators (KRI) related to vulnerability management that is aligned with Rithm’s risk tolerance.
• Coordinate with system owners and stakeholders to remediate identified vulnerabilities promptly.
• Develop and implement processes for tracking and monitoring vulnerability remediation progress.
• Generate and distribute vulnerability assessment reports to relevant stakeholders, including executive leadership.
• Collaborate with IT teams to integrate vulnerability management solutions into existing systems and workflows.
• Ensure compliance with relevant industry standards and regulations.
• Stay up to date with the latest security vulnerabilities, exploits, and threat intelligence to enhance the effectiveness of vulnerability management practices.
• Provide guidance and training to IT staff on vulnerability management best practices and procedures.
• Oversee the integration of vulnerability management processes across multiple business units resulting from mergers and acquisitions.
• Perform related duties as assigned by management.

Benefits

• Medical, dental, and vision insurance
• Health Savings Account with employer contribution
• 401(k) Retirement plan with employer match
• Paid Maternity Leave/Parental Bonding Leave/Caregiver Leave
• Adoption Assistance
• Tuition & Certification reimbursement
• Employee Mortgage Loan Program
• The Newrez Employee Emergency and Disaster Fund
• 1 company-paid Volunteer Time Off day
• Matching Gifts Program - dollar-for-dollar up to $1,000
• Access to grants, nonprofit resources, and volunteer opportunities