Vulnerability Management Analyst

Job title:  Vulnerability Management Analyst 

Reports to:  Manager, Security Operations

Department: Security & Compliance 

Location:  Remote

Grade: 17

Our Company: 

Priority Technology Holdings, Inc. is a leading financial technology company that specializes in providing integrated payments and banking solutions. Our innovative native platform empowers businesses to effortlessly collect, store, and send money in a scalable manner. We are committed to revolutionizing the way companies handle their financial transactions by offering cutting-edge technology and exceptional customer service.

Job Summary:

We are seeking a Vulnerability Management Analyst to join our Security Operations Team. In this role, you will manage the vulnerability scanning program, overseeing system scanning, analysis, reporting, tracking, ticketing, and the resolution of known vulnerabilities. You will work closely with internal teams to identify, prioritize, and mitigate vulnerabilities, providing regular reports to stakeholders. The Analyst will ensure proper documentation of vulnerability-related activities and maintain oversight of the ticketing system. This position requires a strong understanding of vulnerability management processes and the ability to collaborate with both technical and non-technical stakeholders to reduce risk. As a member of Priority’s Security and Compliance group, you will contribute to the protection of the organization’s technology assets and sensitive information, playing a key role in enhancing security practices across the organization.

Responsibilities: 

• Conduct internal (on-prem) and external (cloud/public facing) vulnerability scans using various tools.

• Develop/adjust patching schedule and vulnerability remediation plans.

• Make recommendations and configure automated patching systems.

• Report patching activity to senior leaders and management.

• Collaborate with other departments to review/resolve vulnerability and threat reports.

• Review patch release notes for Microsoft, Apple, and any 3rd party products utilized at the company.

Minimum Requirements:

• Three (3) + years of Information Security experience, such as vulnerability management, conducting security assessments, threat assessments, and/or penetration testing.
• Ability to communicate security-related concepts to a broad range of technical and non-technical staff.
• Must understand IT/Security at an enterprise level.
• Must have the ability to adapt to a rapidly changing international business with teams working in various time zones.
• Strong analytical and problem-solving skills.

PREFERRED REQUIREMENTS:

• BS degree in Information Technology, Security, Computer Science,Business/Management, or related field.

• Experience in a cloud environment (AWS, Azure).

• Related industry certifications (Security+, ITIL, CISSP, CISM, CEH, CCSP, GSEC, GCIH,OSCP, GCED, GSOC).

• Experience with Splunk, MITRE ATT&CK Framework, Endpoint Security Services, andOperating System Vulnerabilities and Hardening.

Compensation and Benefits:

• Compensation range - $ 85,000 - $100,000
• End of Year Discretionary Bonus  
• Unlimited PTO after year 1 (3 weeks to start)
• Medical, Dental & Vision
• 401k Match
• Education Expense Reimbursement
• Gym Membership Reimbursement
• HSA and FSA 
• Employee assistance program (EAP)

 Traditional Physical Requirements

• Requires prolonged sitting, standing, bending, stooping and stretching.
• Requires the ability to lift 10 pounds.
• Requires eye-hand coordination, manual dexterity and a normal range of hearing and vision (with or without correction).

Join our team at Priority Technology Holdings, Inc. and be part of a dynamic and innovative company that is transforming the financial technology landscape. Together, we can shape the future of payments and banking solutions while providing unmatched value to our clients.