Principal Cyber Vulnerability Engineer

The Cyber Vulnerability Operations Team consists of both the Application Security (AppSec) teams and the Vulnerability Management Operations (VM Ops) teams. Together, the Vulnerability Operations team collaborates with peers across Comerica to provide visibility into vulnerabilities within applications and infrastructure and ensures they are remediated, as well as facilitates and enforces the use of secure development practices across the bank.
The ideal candidate will have experience with Qualys Policy Compliance module and VMDR module is required for this role. Ideal candidate will have experience with scripting, regular expressions and expertise in at least one programming language.
The Principal Cyber Vulnerability Operations Engineer role is responsible for vulnerability scanning, prioritizing vulnerabilities, and driving remediations while partnering with the application and infrastructure teams. The ideal candidate for this role will have hands-on expertise working in vulnerability management and operations and will have knowledge of tools such as Qualys, PowerBI, and/or SAST/DAST. This candidate will be experienced working with cross-functional teams in vulnerability management and prioritization and will have the ability to automate while using a programming language.
Provide knowledge of Vulnerability Operations including but not limited to:

Maintain, optimize, configure, and solve the vulnerability management solutions deployed enterprise-wide.Perform enterprise-wide scheduled and ad-hoc vulnerability assessments, including network, agent, and authenticated scans.Ensure coverage and accuracy of the various vulnerability scanning and reporting tools throughout the infrastructure and applications.Develop and integrate dynamic and data-driven dashboards and workflows that provide up to date vulnerability information to asset owners and leadership teams.Improve procedures by automating Vulnerability Management processes through data extraction/transformation and tool integrations.Review and refine vulnerability findings to reduce false positives and other issues.Collaborate and communicate detailed vulnerability findings to the teams responsible for remediation.Leverage criteria such as threat intelligence, asset and business impact, and compensating controls to develop risk prioritization standards that help target remediation activities and program goals.Assist in vulnerability management platform configurations, evaluations and POVs.Design and deliver clear, actionable Vulnerability Management reports, metrics, and briefings.Review new vulnerabilities, assess potential risks to Comerica, and draft alert bulletins.Apply standard processes and develop security documentation under the guidance of Vulnerability Management leads.Collaborate with technical leads across Comerica to ensure assets are appropriately covered by the Vulnerability Management program.Work with asset owners and technical teams to develop scanning schedules, configurations, and asset exclusion lists for each Business Unit.

 

Position Responsibilities:
Vulnerability Management Operations

Perform vulnerability assessments and common baseline control scans across the Comerica environment and report on Key Risks Indicators (KRIs).Lead security vulnerabilities and risk management activities across Comerica, including identifying vulnerabilities and supporting application/system owners to manage risks/remediate vulnerabilities.Establish and mature processes around vulnerability management, remediation, and reporting.Lead key projects such as vulnerability prioritization to remediate critical key vulnerabilities.Participate in vendor evaluations and selection for vulnerability management products, such as external attack surface management.Implement and support those products on a continuous basis.Stay current on vulnerability management best practices across the industry.

Administration & Reporting

Develop a comprehensive set of metrics to track on enterprise risks and remediation trends and keep Management informed of them through accurate, timely, and appropriate reporting.Support monthly KRI reporting through data collection, working with application and infrastructure teams to remediate vulnerabilities.Create presentations based off KRI materials and keep Management informed of them.

Technical Consulting & Communication

Drive technical excellence and implementation of vulnerability management best practices in collaboration with technology teams across the enterprise.Provide consultation to and work closely with other functional infrastructure areas/departments on multiple initiatives to meet common organizational/business goals and objectives.Collaborate with business units, application and infrastructure teams, and vendors to identify, review and evaluate solution requirements.Automate existing manual processes in order to create improved processes and create faster delivery.Coach and mentor more junior team members and application teams on vulnerability remediation efforts.

Risk Management

Identify and communicate gaps in our vulnerability management practices.Participate in Red Team exercises to identify potential vulnerabilities proactively.Partner with application and infrastructure owners to provide consulting on vulnerability remediation to allow them to appropriately remediate large highly complex vulnerabilities within the SLA (service level agreement) and reduce risk for the bank.Develop cyber vulnerability analysis for known vulnerabilities, as well as cyber-related metrics and reporting deliverables.

Position Qualifications:

Bachelor's Degree from an accredited university in Computer Science, Engineering, Information Systems, Cybersecurity, or Business Administration OR equivalent through a combination of High School/GED education and/or technology experience OR 12 years of relevant experience6 years of experience in Cyber or Information Security, preferably in Vulnerability Management and Security in the financial services industry5 years of experience in collaborating across Enterprise IT and Security to remediate vulnerabilities identified3 years of experience with programming concepts and fundaments (e.g. Python, .Net, Java, Java Script, or Powershell) and ability to automate with those tools2 years of experience Vulnerability assessments, including creating, maintaining, and troubleshooting scan configurations across the enterprise2 years of experience with Vulnerability Management across cloud platforms and with EVM management/prioritization2 years of experience with endpoint protection technologies

Preferred Qualifications:

Information security certificationsUnderstanding of industry security frameworks and standards (ISO, NIST, CIS)Proficiency in analyzing and transforming data using Excel, Power BI, presentation tools, and ETL toolsSelf-starter with ability to work individually in a fast-paced environment, as well as in a team environment with geographically distributed team-membersSuperb attention to detail, problem-solving, communication, and collaboration skillsAbility to excel, adapt, and work expertly and positively to contribute with advancing team objectivesExperience with system administration tools and processesFamiliarity with DevOps, CI/CD, and development methodologiesPython Programing  Work Best Category: Category C - Days in the office will either be designated days or will vary week to week from 2-5 days  Hours: 8:00am - 5:00pm Monday - Friday  Salary: To Be Determined Based on Individual Experience

About Comerica
We know our employees are critical to our overall success and we are dedicated to investing in their future. One of the ways we do this is to offer a comprehensive Total Rewards package designed to recognize and reward individual performance, as well support health, well-being, development and security for our colleagues and their family. Total Rewards consists of cash compensation, development and flexible benefit programs designed to meet individual needs today and in the future. Your salary will be commensurate with your work experience and our programs are reviewed regularly to ensure each remain competitive. We are proud to offer benefits such as health and welfare programs, strong retirement benefits, and generous paid time off programs. You and your eligible family members, including domestic partners and their children, can participate in medical, dental, and vision benefits, 401(k) and pension, income protection benefits such as life insurance, AD&D, and supplemental health programs to offset unexpected health care expenses. We also have a variety of time off programs for things like vacation, sick time, disability, and parental leave. Eligibility for some programs varies based on employment status and tenure.

Upon offer, Comerica conducts a comprehensive background and fingerprint check. Your fingerprints will be used to check the criminal history records of the FBI and may be subscribed in the FBI’s Record of Arrest and Prosecution Background (“RAP Back”) service, which provides ongoing notification to the Company of any updates to your criminal history.

NMLS certification requirement: where applicable, a favorable background check screening, credit check, fingerprint check, and NMLS certification is required in accordance with the SAFE Act.

Comerica Incorporated (NYSE: CMA) is a financial services company headquartered in Dallas, Texas, and strategically aligned into three major business segments; the Commercial Bank, the Retail Bank, and Wealth Management. Comerica's colleagues focus on relationships, and helping people and businesses be successful. In addition to Texas, Comerica Bank locations can be found in Arizona, California, Florida and Michigan, with select businesses operating in several other states, as well as in Canada and Mexico.

Comerica is proud to be an Equal Opportunity Employer – disability/veteran.