Job Description
Our client a well known Financial Services Company is seeking a Cyber Security Analyst in their New York, New York Location
The Vulnerability Patch Management analyst will
- Drive the full vulnerability patch management lifecycle: identification, prioritization, and remediation for all infrastructure, systems, applications, and SDLC.
- Deliver consistent, high-quality VPM reporting to leadership and relevant teams.
- Collaborate extensively with IT stakeholders across the Americas, Head Office, and international platforms.
- Assess vulnerability impact and risk levels to inform strategic remediation.
- Prioritize patch deployments and manage SLA breaches, developing and executing follow-up plans.
- Design and enhance VPM procedures and processes.
- Participate in vulnerability assessments and track software/system updates.
- Strengthen compliance and adherence to security best practices and approved tools.
- Liaise with Second Line of Defense and auditors.
- Coordinate the development and maintenance of a comprehensive patch management strategy.
- Assist IT teams with timely vendor patch acquisition and deployment.
- Monitor and report on patch management effectiveness, implementing improvements.
- Stay current on industry best practices and emerging threats.
- Provide backup support for cybersecurity projects, incidents, and audit remediation.
- Be available for off-hours support as needed to address emergent threats.
Skills
- Proven experience in vulnerability management, patch management, or related security roles with oversight of Plans of Action and Milestones (POAM).
- Strong understanding of common security vulnerabilities and the ability to assess their impact on systems and infrastructure.
- Experience with vulnerability management and SIEM tools.
- Familiarity with security, IT Audit frameworks and standards (NIST. FFIEC handbooks etc.)
- Excellent communication and collaboration skills for management presentation materials and ability to work effectively with cross-functional teams.
- Experience on reporting and analysis tools is required - PowerBl, Advanced Excel/PowerQuery.
Education
- Bachelor’s degree in computer science, Information Security, Cyber Security, or related field.
- Relevant certifications such as CISSP, CRISC, CISM, SECURITY+ or equivalent are a plus