InfoSec Vulnerability Assessment Analyst II

To provide 2nd Tier response to security vulnerability incidents . Ensure adherence to standard operating procedures for detecting, classifying and reporting vulnerabilities. This role will work closely with other vulnerability assessment team members to identify threats and vulnerabilities to the organization. Will partner with additional teams within Navy Federal Credit Union to protect the Navy Federal brand, data, and IT assets from cyber-based threats. Performs role under minimal supervision

• Performing Ad-Hoc scanning
• Review false positives and provide feedback to vulnerability owner
• Review scheduled scans to assure that scans are successfully completed
• Create daily reports for briefing - (Daily scan results, third party finding)
• Perform IP/Subnet reconciliation with an oversight of Level 2-4
• Assist system owners/remediation team for remediation validation
• Perform other duties as assigned

• Bachelor’s degree in computer sciences with major in cyber security, information security or machine learning/AI etc., and/or the equivalent combination of education, training, and experience 
• Two to three years of hands-on experience with Vulnerability scan tools (e.g. Tenable, Qualys, etc.) 
• Familiarity with Information security regulations/practices such as NIST, CIS, PCI and DoD
• Scripting and automation experience
• Knowledge of industry standards and frameworks, including NIST, PCI, ISO, OWASP, and COBIT
• Experience in NIST continuous monitoring and Continuous Diagnostics Mitigation process
• Knowledge in computer administration or Network administration
• Demonstrate problem solving, analytical and process development skills
• Must be a team player with a cooperative and energetic spirit with a willingness to learn
• Ability to work and communicate with all levels of Management and Staff
• Previous experience within the financial sector
• Experience with and knowledge of different threats to an organization
• Experience with ServiceNow and/or other IT Asset Management tools
• Knowledge of Navy Federal's functions, philosophy, operations and organizational objectives
• Excellent customer service skills and interaction

Desired Qualifications

• Background training in penetration testing 
• Experience with Web Application vulnerability scanning tools such as Burp Suite, Nmap, and Wireshark
• Familiarity with the Wiz Cloud Security Platform for securing cloud environments and applications
• At least one of the following certifications: CEH, OSCP, GSEC, Microsoft Certified Azure Fundamentals (or other Cloud Fundamentals certifications), CompTIA Network+, Security+, or other related Information Security certifications

Hours: Monday - Friday, 8:00AM - 4:30PM

Locations: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Drive, Pensacola, FL 32526

Salary Range:  $98,600 - $154,100 annually (Zone 1)
                         $80,400 - $125,700 annually (Zone 4)

Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

• Best Companies for Latinos to Work for 2024
• Computerworld® Best Places to Work in IT
• Forbes® 2025 America’s Best Large Employers
• Forbes® 2024 America's Best Employers for New Grads
• Forbes® 2024 America's Best Employers for Tech Workers
• Fortune Best Workplaces for Millennials™ 2024   
• Fortune Best Workplaces for Women ™ 2024
• Fortune 100 Best Companies to Work For® 2024
• Military Times 2024 Best for Vets Employers
• Newsweek Most Loved Workplaces
• 2024 PEOPLE® Companies That Care
• RippleMatch Recruiting Choice Award
• Yello and WayUp Top 100 Internship Programs

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected Veteran.

Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.