Staff Engineer II, Cyber – Threat and Vulnerability Management

Western Alliance Bank is seeking a passionate, experienced, and results-driven Cyber Engineer to help engineer, operationalize, and continuously mature a scalable, risk-based Threat & Vulnerability Management (TVM) program across hybrid environments, including on-premises infrastructure, cloud platforms, containerized workloads, and CI/CD pipelines. This role will collaborate with internal business partners and IT Tower Leads to proactively address ongoing vulnerability and configuration hardening issues to ensure rapid resolution. In this role you will foster a collaborative environment with focus on continuous mitigation and mitigation of cyber vulnerabilities. You'll be accountable to proactively recommend improvements to established processes while continuing to deliver high value in execution. You'll also create and deliver comprehensive project plans as well as remove any impediments, track overall project performance, specifically to analyze the successful completion of business short-term and long-term goals. As a Staff Engineer II – Cyber (Threat & Vulnerability Management), you will serve as a hands-on technical leader responsible for building, integrating, and automating vulnerability discovery, prioritization, remediation workflows, and security guardrails. This role partners closely with Cyber Defense, Cloud Engineering, Infrastructure, DevOps, Application, and Platform teams to reduce enterprise risk through measurable, engineering-led outcomes while operating within established governance and risk frameworks. Assist in the strategic direction and execution of the TVM program, covering cloud, infrastructure, application, container, and endpoint environments. Review and enforce CIS security baseline compliance across enterprise assets, including cloud workloads, servers, and endpoints. Integrate automated scanning and security controls into DevSecOps pipelines to detect and remediate vulnerabilities early in the development lifecycle. Work cross-functionally with Cloud Engineering, DevOps, Infrastructure, and IT to prioritize and remediate vulnerabilities based on business risk, exploitability, and regulatory requirements. Support the use and optimization of enterprise vulnerability scanning and compliance tools. Monitor emerging threats, zero-day vulnerabilities, and misconfigurations, and lead remediation and communication efforts accordingly. Produce reporting and metrics that provide visibility into vulnerability trends, patch compliance, and CIS benchmark adherence for technical and executive audiences. Contribute to cloud security governance, including the design and enforcement of security guardrails, Infrastructure-as-code (IaC) reviews, and automated compliance checks. Ensure alignment with regulatory standards (e.g., FFIEC, GLBA, PCI-DSS, NIST 800-53, ISO 27001) and drive continuous improvement in control effectiveness. Support a team of security analysts and engineers focused on vulnerability detection, analysis, and risk mitigation.