Connexus Credit Union

Financial Services

VulnerabilityManagementAnalyst

$4–7k Bulgaria FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid candidates.

The Brief

“Vulnerability Management Analyst at Connexus Credit Union. Skills: Vulnerability management, Security operations, Risk assessment, Regulatory compliance. Conduct regular vulnerability scanning. Analyze scan results”

Industry & Context.

Financial Services

Problems you'll solve

Analyze scan results; Identify false positives; Determine exploitability; Assess risk; Root cause analysis

What They're Looking For.

Must Have

3+ years professional work experience in vulnerability management, 3+ years experience in security operations, 3+ years experience in IT risk, Bachelor's degree in Information Security, Bachelor's degree in Computer Science, Bachelor's degree in Information Technology, Commensurate experience required, Prior financial industry regulations and frameworks required, Hands-on experience with vulnerability scanning tools required, Understanding of network vulnerabilities required, Understanding of operating system vulnerabilities required, Understanding of application vulnerabilities required, Understanding of patch management processes required, Understanding of secure configuration standards required, Knowledge of vulnerability scanning technologies required, Knowledge of vulnerability scanning methods required, Knowledge of risk prioritization frameworks required, Experience delivering monthly vulnerability status reports required, Experience tracking remediation efforts required

Nice to Have

GIAC (GSEC or GEVA) certification preferred upon hire, GIAC certification required within 6 months of hire

What You'll Do.

Conduct regular vulnerability scanning

Identify false positives

Determine exploitability

Assess regulatory risk

Prioritize vulnerabilities

Track vulnerabilities through remediation

Track vulnerabilities through validation

Track vulnerabilities through closure

Validate remediation effectiveness

Ensure practices align with FFIEC CAT

Ensure practices align with NCUA guidance

Ensure practices align with banking regulatory guidance

Ensure practices align with GLBA Safeguards Rule

Ensure practices align with Information Security policies

Ensure practices align with Risk Management policies

Prepare documentation for audits

Prepare metrics for audits

Prepare evidence for audits

Prepare documentation for regulatory exams

Prepare metrics for regulatory exams

Prepare evidence for regulatory exams

Prepare documentation for third-party assessments

Prepare metrics for third-party assessments

Prepare evidence for third-party assessments

Support risk acceptance decisions

Document compensating controls

Document residual risk

Partner with IT infrastructure teams

Partner with application development teams

Partner with cloud teams

Partner with network teams

Remediate identified risks

Translate technical vulnerabilities into business risk language

Provide guidance on secure configuration

Provide guidance on patching

Provide guidance on vulnerability mitigation

Participate in security incident response

Monitor emerging threats

Monitor zero-day vulnerabilities

Monitor industry advisories

Contribute to vulnerability management policies

Contribute to vulnerability management standards

Contribute to vulnerability management procedures

Assist with penetration testing coordination

Assist with penetration testing result analysis

Collect security control evidence

Organize security control evidence

Maintain security control evidence

Ensure alignment with required frameworks

Maintain accurate system inventory

Maintain authorization boundary documentation

Analyze scan results for false positives

Document justification for false positives

Prepare deviation requests

Participate in change management processes

Support enterprise vulnerability management tools

Maintain enterprise vulnerability management tools

Ensure timely updates for tools

Ensure timely patches for tools

Work with technical teams to create tickets

Track vendor dependencies

Track operational requirements

Track open vulnerabilities

Produce monthly reports

Produce monthly updates

Contribute to improving internal standards

Contribute to improving internal processes

Maintain documentation

Maintain training materials

Maintain standard operating procedures

Run daily vulnerability management program operations

Work closely with patch management analyst

Identify vulnerabilities

Patch vulnerabilities

Actively participate in weekly meetings

Comply with Federal Regulations

How You'll Work.

Team & Collaboration

Partner with IT teams; Partner with application teams; Partner with cloud teams; Partner with network teams; Work with technical teams; Work with patch management analyst; Work with vulnerability management team

Communication Scope

Translate technical vulnerabilities; Business risk language; Leadership communication; Non-technical stakeholder communication; Monthly reports; Monthly updates

Process & Methodology

Change management

Full Job Description

**Connexus Credit Union - Who We Are:** Serving members across all 50 states, Connexus Credit Union is a member-focused cooperative that is proud to return profits to member-owners through high yields for checking accounts and deposit products, as well as competitive rates on our loans. We are a remote first employer with the majority of our employees residing in the upper Midwest. As an employer we foster collaboration and high performance to achieve excellence. We holistically care for and develop our employees to thrive personally and professionally. We are proud to share our success with our employees and those we serve. **Connexus offers an Amazing Benefits package:** * 25 days of paid time off and 10 paid holidays * 16 hours of paid Volunteer Time Off * 401K Retirement with up to 6% employer match * Excellent Health, Dental, Vision insurance, including multiple plan options * Health Savings Account with generous employer contributions * Employer paid Life insurance, Short-Term and Long-Term Disability * Tuition Reimbursement from $4,000 - $7,000 per calendar year * Robust Learning and Development program that includes an annual professional development stipend **Responsibilities:** * Conduct regular vulnerability scanning of networks, servers, endpoints, cloud environments, and applications using approved tools. * Analyze scan results to identify false positives, determine exploitability, and assess business and regulatory risk. * Prioritize vulnerabilities based on CVSS scores, threat intelligence, asset criticality, and financial institution risk impact. * Track vulnerabilities through remediation, validation, and closure using ticketing or governance platforms. * Perform re-scans to validate remediation effectiveness. * Ensure vulnerability management practices align with: * FFIEC Cybersecurity Assessment Tool (CAT) * NCUA or banking regulatory guidance * GLBA Safeguards Rule * Internal Information Security and Risk Management policies * Prepare documentati

Free ATS check

Applying for this Vulnerability Management Analyst role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 30 detected · ranked by frequency

Vulnerability management ×3

Risk assessment ×3

Regulatory compliance ×3

Vulnerability scanning ×3

Risk analysis ×3

Threat intelligence ×3

Remediation tracking ×3

Secure configuration ×3

Patch management ×3

Risk acceptance ×3

Continuous monitoring ×3

System inventory ×3

Deviation requests ×3

Change management ×3

Vulnerability reporting ×3

Vendor dependencies ×3

Operational requirements ×3

Patch management operations ×3

Security operations ×2

Nessus ×2

Tenable.io ×2

Qualys ×2

Rapid7 ×2

Microsoft Defender ×2

Risk management

Information security

Tenable

Wiz

Prisma

Burp

Role Details

Seniority mid

Experience 3–5 yrs

Level Mid

Work Mode Remote

Type FULL TIME

Education Bachelor's

Category software

Salary Band <30k

AI-Extracted Insights

Domain Areas

ffiec-cybersecurity-assessment-toolncua-regulatory-guidancebanking-regulatory-guidanceglba-safeguards-ruleinformation-security-policiesrisk-management-policiesfinancial-institution-riskfinancial-services-industry

Certifications

GIAC GSECGIAC GEVA

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Connexus Credit Union?

Real rants from real employees. Read before you apply.

Read Company Rants →