Security Vulnerability Management Analyst

ABOUT US 
At HUB International, we are a team of entrepreneurs. We believe in protecting and supporting the aspirations of individuals, families, and businesses. We help our clients evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees to learn, grow, and make a difference. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence. 
 
HUB is the 5th largest global insurance and employee benefits broker, providing a boundaryless array of business insurance, employee benefits, risk services, personal insurance, retirement, and private wealth management products and services. With over $5 billion in revenue and almost 20,000 employees in 600 offices throughout North America, HUB has grown substantially, in part due to our industry leading success in mergers and acquisitions. 

More about HUB:

In a rapidly changing world, HUB advises businesses and individuals on how to prepare for the unexpected. As one of the world’s largest insurance brokers, our focus is dedicated to providing our customers with the peace of mind that what matters most will be protected — through unrelenting advocacy and tailored insurance solutions that put our clients in control. Our growing team of professionals across North America represents a broad, deep, and one-of-a kind aggregation of entrepreneurs and leaders recognized for their excellence throughout the insurance community.

About the Position

Reporting to the Security Portfolio Manager, the Security Analyst is responsible for contributing to the development, maintenance and implementation of the Vulnerability Management program at HUB International.

The Security Analyst functions as a member of the Security Architecture team and interacts with technical and business units to identify, assess, and solution information security solutions. The Security Analyst will focus on the continuous improvement of the Vulnerability Management program. The Security Analyst will, as requested, provide support for area metrics and information gathering for security program delivery.  This role requires strong teamwork, collaboration and leadership skills, with the ability to foster and maintain business relationships with all areas of HUB.

Responsibilities:

• Utilize centralized tooling to detect and identify risk in devices, programs, and networks
• Evaluate potential risk and analyze vulnerability scan data
• Support the administration of Security Architecture tooling
• Partnering with technical and business units to identify solutions to remediate and mitigate risk. Further, providing support to these teams until risk is resolved
• Assist in improving processes, identify efficiencies, and recommend solution enhancements to improve service level delivery
• Support the HUB Information Security Governance & Compliance team as needed during risk assessments, internal and external Information Security Audits, and Vendor reviews
• Gather and report on key organizational information security metrics
• Engage in review and continuous improvement of the Vulnerability Management program with the Security Architecture team
• Other duties as assigned

Requirements:

• Bachelor's degree in discipline appropriate to assignment or an equivalent combination of education and experience
• At least 2 years’ experience in an Information Security role or 3 years’ experience in an IT or Systems analyst capacity with progressively difficult responsibilities
• Understanding of IT General Security Controls and OWASP application security designs
• Basic understanding of Threat modeling and Security Architecture principles
• Basic understanding of cloud infrastructure and security controls design
• Basic understanding of Identity and Access Management principles
• Understanding of industry security standards, guidelines, and regulatory/compliance requirements related to information security such as ISO 27001, NIST 800-53, SOC2, PCI, SOX, etc
• Ability to evaluate business processes, IT technology, identify security risks, process gaps, and evaluate IT controls
• Organizational skills to prioritize risks and actions using a risk-based approach
• Solid analytical and problem-solving skills; ability to think strategically and drive decision making
• Excellent communication (both written and verbal) & interpersonal skills
• Ability to balance priorities and deliverables across multiple workstreams
• High flexibility, including willingness to travel up to 10% of working time
•  Related certifications (e.g., CISA, CASP+,  SANS GCCC ) preferred
• Experience with vulnerability management platforms

JOIN OUR TEAM 
Do you believe in the power of innovation, collaboration, and transformation?  Do you thrive in a supportive and client focused work environment?  Are you looking for an opportunity to help build and drive change in a rapidly growing and evolving organization?  When you join HUB International, you will be part of a community of learners and doers focused on our Core Values: entrepreneurship, teamwork, integrity, accountability, and service. 

Although hybrid to a local HUB office is desirable, we are open to remote candidates. 
 

Disclosure required under applicable law in California, Colorado, Illinois, Maryland, Minnesota, New York, New Jersey, and Washington states: The expected salary range for this position is $85,000 to $120,000 and will be impacted by factors such as the successful candidate’s skills, experience and working location, as well as the specific position’s business line, scope and level. If you believe that your qualifications and experience surpass the minimum requirements for this role, we encourage you to submit your application. By doing so, we will be able to keep your application on file for consideration for potential future positions within our organization. HUB International is proud to offer comprehensive benefit and total compensation packages which could include health/dental/vision/life/disability insurance, FSA, HSA and 401(k) accounts, paid-time-off benefits such as vacation, sick, and personal days, and eligible bonuses, equity and commissions for some positions.  

Department Information Technology

Required Experience: 2-5 years of relevant experience

Required Travel: Negligible

Required Education: Bachelor's degree (4-year degree)

HUB International Limited is an equal opportunity and affirmative action employer that does not discriminate on the basis of race/ethnicity, national origin, religion, age, color, sex, sexual orientation, gender identity, disability or veteran's status, or any other characteristic protected by local, state or federal laws, rules or regulations. The EEO is the Law poster and its supplement is available here at http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm .

EEOAA Policy

E-Verify Program

We endeavor to make this website accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the US Recruiting Team toll-free at (844) 300-9193 or USRecruiting@hubinternational.com. This contact information is for accommodation requests only; do not use this contact information to inquire about the status of applications.