Vulnerability Management Analyst

Why Choose Bottomline?

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation - we want you on our team!

Job Summary    

This role reports to the Vulnerability Management Analyst and will work across all the technology teams to strengthen Bottomline’s infrastructure and assets.   

As the Vulnerability Management analyst, you will be part of the team that is responsible for executing on the day-to-day operations for vulnerability management.  This includes identification, assessment and remediation of security vulnerabilities across the environment.  This scope of the capabilities includes infrastructure Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management.    

• Program Development – support the manager in developing policies, procedures, reporting and best practices for vulnerability scanning, assessment, and remediation.  

• Vulnerability Identification and Assessment – Operate vulnerability scanning tools to ensure timely and complete scans of the systems, networks, and software.   

• Remediation Coordination – Ensure timely distribution of vulnerability reports to the key stakeholders responsible for remediation.  Track and report on remediation progress to stakeholders and leadership. 

• Threat Intelligence Integration - Stay updated on emerging threats and vulnerabilities through threat intelligence sources.  Integrate threat intelligence into the vulnerability management process to address high-risk areas proactively. 

• Compliance and Standards - Ensure compliance with regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA).  Prepare for and support internal and external audits related to vulnerability management. 

Required Experience & Qualifications 

• 3+ years of experience in Cybersecurity  

• Bachelor’s degree 

• Hands-on experience and knowledge on deploying and operating vulnerability management tools – Rapid7, Qualys  

• Strong knowledge across all core domains – Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management 

Preferred Experience & Qualifications 

• Cyber certifications (e.g., CISM, CISSP) or equivalent 

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We're proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.