Vulnerability Analyst

SWBC is seeking a talented individual to be responsible for identifying, assessing, and mitigating vulnerabilities within SWBC’s infrastructure. They conduct regular vulnerability scans, evaluate potential threats, and work closely with IT, security teams and the business to implement effective remediation strategies. This role is crucial in maintaining the SWBC’s security posture and protecting assets from cyber threats.

Why you'll love this role:

You’ll love this role because it directly reduces risk to the business where you can see results of your efforts by increasing the security posture for SWBC. If you thrive in a fast-paced environment this role is perfect for you. Everyday there is something new so it will provide continuous learning and provide opportunity for career growth. 

Essential duties include the following:

• Conducts regular vulnerability scans and assessments across the organization’s IT environment using Nessus.
• Analyzes vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention.
• Coordinates with end users, application owners, IT and security teams to prioritize and apply security patches and updates, including managing patch deployments using SCCM, Intune, etc, and ensuring compliance with industry standards.
• Assists in investigating and resolving security incidents, providing expertise on vulnerability exploitation and mitigation.
• Generates detailed reports on vulnerabilities, their impact, and the status of remediation efforts. Communicate findings to stakeholders.
• Ensures compliance with relevant security standards, policies, and regulations.
• Develops and maintains vulnerability management documentation, including policies and procedures, including creating response plans for critical vulnerabilities or emerging threats.
• Engages in vulnerability management program reviews and continuous improvement initiatives, providing input on enhancements to scanning and reporting processes.
• Coordinates with application owners to mitigate as well as closure existing and future vulnerabilities
• Assist in development and implementation of information security vulnerability management policies, procedures, and standards.
• Interacts and closely work with a multitude of different teams, Information Security, Systems, Desktop, Internal applications, etc.
• Continuous Vulnerability and Security Research.
• Participates in information security audits to proactively minimize and eliminate information security vulnerabilities.
• Builds relationships with technical leads.
• Keeps current with vulnerabilities, attacks, and countermeasures devoting time to research and development activities.
• Manages the life cycle of application security vulnerabilities, from identification to validation and remediation.
   

Serious candidates will possess the minimum qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Two to four (2-4) years of relevant vulnerability experience, or an equivalent combination of education and work experience.
• At least 2+ years of experience in an IT role, ideally within a professional services environment.
• Experience working with MS Servers (2012-2025) and Vulnerability management.
• Experience working with Workstations (win 10, 11, OSX) and Vulnerability management.
• Experience with vulnerability management platforms.
• In-depth knowledge of network protocols, operating systems, and common vulnerabilities.
• Strong analytical and problem-solving abilities.
• Excellent verbal and written communication skills to effectively report findings and collaborate with cross-functional teams.
• Experience with automation tools for vulnerability management.
• Possession of excellent critical thinking, data gathering, data analysis, report writing, leadership, presentation, analytic, quantitative, time management, and consulting skills.
• Prioritize and categorize remediation tasks.
• ITIL Foundation Certified is preferred.
• Develop and maintain remediation and mitigation processes with Security team to address or resolve risks associated with vulnerabilities.
• Self-starter personality and excellent verbal and written communication skills (English).
• Experience working in ITSM tool like ServiceNow
• Demonstrate packaging knowledge\experience in SCCM.
• Ability to work independently with minimal direction; self-starter/self-motivated.
• Collaborative work ethic working in a fast-paced environment.
• Knowledge of common attack methodologies.
• Travel outside San Antonio may be needed.

SWBC offers*:  

• Competitive overall compensation package
• Work/Life balance 
• Employee engagement activities and recognition awards 
• Years of Service awards
• Career enhancement and growth opportunities 
• Leadership Academy and Mentor Program
• Continuing education and career certifications 
• Variety of healthcare coverage options
• Traditional and Roth 401(k) retirement plans 
• Lucrative Wellness Program

*Based upon employee eligibility 

Additional Information:

SWBC is a Substance-Free Workplace and requires pre-employment drug testing.

Please note, SWBC does not hire tobacco users as allowed by law.

To learn more about SWBC, visit our website at www.SWBC.com. If interested, please click the appropriate apply button.