Lead, Security Engineer V&CM - Common Securitization Solutions

OVERVIEW

The Company

U.S. Financial Technology (U.S. FinTech) is seeking an experienced Lead, Security Engineer Vulnerability and Configuration Management to join our team of talented professionals. This is a full-time remote opportunity.

U.S. FinTech built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

Supporting 70% of the mortgage-backed securities in the market, U.S. FinTech provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES

Job Information

The Lead Vulnerability and Compliance Analyst main responsibilities would be to act as a Subject Matter Expert for all programs within the VCM space. This would include conducting comprehensive vulnerability assessments using tools such as Wiz and Tenable. Leverage strong analytical and problem-solving skills to identify weaknesses in US FinTech’s IT Infrastructure. Communicate findings effectively, via reports/meetings to prioritize vulnerability remediation. Utilize the developed processes to track, prioritize, and ensure remediation of found vulnerability and compliance issues. Continuous monitor US FinTech infrastructure for Vulnerability and Compliance related issues. Make Improvements to monitors, scans, dashboards, and reporting. Ability to work independently and in a team environment, collaborate effectively with other InfoSec Teams and IT Infrastructure teams. Eager to learn and adapt to emerging cloud technologies and tools in a fast-paced environment.

Key Job Functions

• Vulnerability Assessment
• Act as a Subject Matter Expert for the VCM program, processes, and tooling.
• Configure, tune, and maintain vulnerability management tools
• Work with Security Architecture on new build outs, new business, new technologies, new environments to ensure coverage of VCM programs, processes, and tooling.
• Build out new Security baselines for CIS, DISA STIG, and custom baselines.
• Correlate Vulnerabilities with threat intelligence to assess exploitability and risk. Work with Cyber Security Operations Center to ensure mitigations are in place while vulnerabilities are being remediated
• Provide detailed risk assessments for discovered vulnerabilities.
• Rem