Vulnerability Analyst ( Cybersecurity Assessment/Audit )

Discover. A brighter future.
With us, you'll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it - we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description:
What You'll Do

• The Cybersecurity Assessor will be responsible for conducting cybersecurity assessments on DFS managed systems and technologies, ensuring compliance to DFS Cybersecurity Standards. The Cybersecurity Assessor will be responsible for managing all aspects of the assessment lifecycle and will be expected to contribute to the ongoing development and maturity of the Standards Assurance assessment programs.
• Responsible for compliance/vulnerability management framework, program optimization, evaluating vulnerabilities, remediation metrics reporting and assessing threats severity and impact on corporate assets.
• Actively manages and escalates risk and customer-impacting issues within the day-to-day role to management.

How You'll Do It

• Complete cybersecurity assessments on DFS managed systems and technologies, ensuring compliance to DFS Cybersecurity Standards.
• Manage assessment lifecycle beginning to end. Assessment activities include pre-assessment meetings, artifact/evidence collection, assessment workflow management, cybersecurity assessment report generation and documenting risk associated with compliance issues.
• Responsible for assessment program maturity, ensuring assessment-related documentation and activities align with current DFS cybersecurity standards as well as the current threat landscape.
• Contribute to the evolution of the assessment program ensuring alignment with enterprise and BT initiatives.
• The ideal candidate will have good customer focus, a positive attitude and excellent interpersonal, verbal and written communication skills. The candidate must also possess a strong attention to detail.
• Support other team and department functions as necessary, this includes support for the Cybersecurity Review Council and Financial Institution Audit functions.
• Support development and maintenance efforts associated with CSSA ServiceNow instances.
• Works independently to scope vulnerable bodies of technologies, identify weaknesses, severity and impact, and recommend paths to remediation.
• Learns advanced Cybersecurity concepts including new and modern threat exploitation techniques of inside and outside bad actors.
• Contributes to actionable intelligence in the form of reports, notifications, alerts and briefings.
• Achieves team commitments (and influence others to do the same) by using informal leadership & highly developed communication skills.
• Mentors novices by providing learning tasks as well as work related tasks, directs the work of advanced beginners, and helps them continue to grow.
• Contributes to and leads security discussions at Discover. Has oversight on program impacting decisions. Guides team to achieve key results for assessment assignments

Minimum Qualifications
At a minimum, here's what we need from you:

• Bachelors - Information Security, Business Administration and Management, Analytics
• 4+ years of experience in Information Security, Cybersecurity, Computer Science, Data Analytics or related
• In lieu of education, 6+ years of experience in Information Security, Cybersecurity, Computer Science, Data Analytics or related

Internal applicants only: technical proficiency rating of Proficient on the Dreyfus Cyber engineering scale.
Physical and Cognitive Requirements
The physical requirements described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable a qualified individual with disabilities to perform the essential functions of the position as required by federal, state, and local laws:
Primarily remain in a stationary position.
Primarily performed indoors in an office setting
Ability to operate office equipment such as but not limited to computer, telephone, printer, and calculator.
Ability to communicate verbally.; Ability to communicate in written form.
Bonus Points If You Have

• Experience working with cybersecurity frameworks (PCI-DSS, NIST, ISO, etc.)
• Experience conducting Cybersecurity risk assessments or technology audits
• Prior experience as a cybersecurity practitioner (e.g. - experience in a cybersecurity domain such as network security, access control, cloud security, etc.)
• Industry Cybersecurity certifications (SANS, ISACA, ISC2, etc.)
• Knowledge of public cloud platforms (e.g. AWS)
• Experience with infrastructure software/hardware
• Experience with ServiceNow workflow development and/or maintenance

External applicants will be required to perform a technical interview.
Discover will not sponsor or transfer employment work visas for this position. Applicants must be currently authorized to work in the United States on a full-time basis.
Application Deadline:
The application window for this position is anticipated to close on Dec-29-2024. We encourage you to apply as soon as possible. The posting may be available past this date, but it is not guaranteed.
Compensation:
The base pay for this position generally ranges between $91,000.00 to $153,400.00. Additional incentives may be provided as part of a market competitive total compensation package. Factors, such as but not limited to, geographical location, relevant experience, education, and skill level may impact the pay for this position.
Benefits:
We also offer a range of benefits and programs based on eligibility. These benefits include:

• Paid Parental Leave
• Paid Time Off
• 401(k) Plan
• Medical, Dental, Vision, & Health Savings Account
• STD, Life, LTD and AD&D
• Recognition Program
• Education Assistance
• Commuter Benefits
• Family Support Programs
• Employee Stock Purchase Plan

Learn more at mydiscoverbenefits.com .
What are you waiting for? Apply today!
All Discover employees place our customers at the very center of our work. To deliver on our promises to our customers, each of us contribute every day to a culture that values compliance and risk management.
Discover is committed to a diverse and inclusive workplace. Discover is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or other legally protected status. (Know Your Rights & Pay Transparency Nondiscrimination Provision)
Discover complies with federal, state, and local laws applicable to qualified individuals with disabilities and is committed to providing reasonable accommodations. If you require a reasonable accommodation to search for a position, to complete an application, and/or to participate in an interview, please email [email protected] . Any information you provide regarding your accommodation needs will be kept confidential and will only be used to determine and provide necessary accommodation.