Vulnerability Management And Compliance Specialist

Summary

Join interface.ai, a leading AI provider for banks and credit unions, as a Vulnerability Management & Compliance Specialist. This role requires 5-8 years of experience in vulnerability management, patch management, and penetration testing within AWS environments. You will conduct vulnerability scans, risk assessments, and remediation, leveraging AWS services like Security Hub and Inspector. Responsibilities include ensuring compliance with standards like SOC2, PCI DSS, and GLBA, and collaborating with cross-functional teams. The ideal candidate possesses strong understanding of vulnerability scanning and patch management tools and relevant certifications are preferred. Interface.ai offers a remote-first policy and a comprehensive insurance policy.

Requirements

• 5-8 years of experience in vulnerability management, patch management, and Penetration testing
• Proven experience with AWS cloud security tools and services
• Strong understanding of vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS)
• Experience with AWS security services (e.g., AWS Security Hub, AWS Inspector)
• Hands-on experience with patch management tools (e.g., Manage Engine)
• Experience in compliance, with a focus on SOC 2, PCI DSS, ISO 27001, and GLBA

Responsibilities

• Conduct periodic vulnerability scanning, risk assessment, and remediation in AWS cloud environments
• Leverage AWS services (Security Hub, Inspector, etc.) to maintain a secure cloud infrastructure
• Conduct periodic Penetration Testing on the defined scope by Engineering Teams
• Identify, document, and prioritize vulnerabilities using industry standard tools
• Coordinate with cross functional teams to ensure timely remediation of security issues
• Manage and implement patch management strategies for cloud (AWS)
• Monitor and apply security patches, bug fixes, and updates across all environments
• Maintain compliance with security patch policies and regulatory requirements
• Ensure security best practices are followed for cloud services and virtualized workloads
• Analyze vulnerability scan results, categorize risks, and produce detailed reports for management
• Collaborate with internal stakeholders to communicate vulnerabilities, risks, and mitigations
• Propose solutions for identified vulnerabilities and ensure effective implementation
• Assist in investigating and responding to security incidents related to vulnerabilities and patching
• Participate in post incident analysis and suggest improvements for future prevention
• Ensure all systems meet internal and external compliance requirements (e.g., SOC2, PCI DSS, GLBA)
• Stay updated with security trends, vulnerabilities, patches, and regulatory requirements
• Enforce security policies and guidelines for vulnerability and patch management

Preferred Qualifications

• AWS Certified Security – Specialty or equivalent
• CompTIA Security+, CEH (Certified Ethical Hacker)

Benefits

• Remote First Policy
• Comprehensive Insurance Policy
• A chance to have a huge impact early in your career