Lead Information Security Engineer - Vulnerability Management

Make banking a Fifth Third better

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

The Lead Information Security Engineer on our EVM team will be supporting the continuous vulnerability remediation process and reduce the Fifth Third Bank's attack surface across cloud and traditional infrastructure, endpoints, and applications. This role is responsible for managing vulnerabilities from various scanning tools, analyzing, prioritizing, and communicating relevant, actionable information across the bank and our lines of business (LOBs).

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Manage reporting and timely remediation for vulnerabilities from infrastructure scans, cloud, containers, penetration testing, source code (SAST/SCA) and Bug Bounty.
• Report and track metrics, KPIs and KRIs with proactive escalations to maintain risk within acceptable appetite.
• Communicate effectively to engage and collaborate with key stakeholders on remediation, provide guidance, escalations and follow through vulnerability closure.
• Perform data analysis at scale and drive informed decisions with vulnerability prioritization and remediation campaigns.
• Create and maintain dashboards to enable Self-Service for remediation teams.
• Manage requests for False Positives, Exceptions and Risk Acceptance for vulnerabilities.
• Prioritize emerging threats and 0days as they surface through Threat Intelligence
• Consistently seek opportunities to improve EVM processes and demonstrate measurable impact towards reducing inefficiencies through implementation of Lean practices.
• Stay abreast of emerging technologies, actively engage in continuous learning to master new skills, and contribute to culture of continuous improvement and professional growth.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

• At least 6 years of related hands-on experience in Vulnerability Management, IS Engineering or similar Information Security domains.
• Strong understanding of security concepts, best practices, and articulate risk.
• Skill in effective oral and written communication, including presentations to Senior management, various levels of business and IT stakeholders, and technical resources.
• Strong analytical and problem-solving skills.
• Experience working with scripting (Python, Pandas, Groovy, etc.) is a major plus.
• Strong collaboration skills.
• Bachelor's degree in computer science/information systems or equivalent combination of education and experience. Master's degree a plus.
• Industry Standard Certifications such as, but not limited to: CompTIA Security+, CISSP, CISM, GIAC and AWS are preferred.

Lead Information Security Engineer - Vulnerability ManagementTotal Base Pay Range 78,300.00 - 157,000.00 USD AnnualLOCATION -- Virtual, Ohio 00000

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.