Lead Information Security Engineer - Vulnerability Management

Make banking a Fifth Third better
We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

The Lead Information Security Engineer on the EVM Remediation team will be supporting the continuous vulnerability remediation process and reduce the Fifth Third Bank's attack surface across cloud and traditional infrastructure, endpoints, and applications. This role is responsible for managing vulnerabilities from various scanning tools, analyzing, prioritizing, and communicating relevant, actionable information across the bank and our lines of business (LOBs).

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Vulnerability Remediation Support

• Mentor junior engineers and drive an attitude and atmosphere of excellence.
• Contribute to team intake: Team Inbox, SNOW tickets, Ad Hoc inquiries, and requests for assistance.
• Manage reporting and timely remediation for vulnerabilities from infrastructure scans, cloud, containers, penetration testing, source code (SAST/SCA), and Bug Bounty.
• Drive detailed and comprehensive remediation planning for clear and accurate forecasts.
• Conduct proactive follow-up and escalate in the absence of concrete plans.
• Communicate effectively to engage and collaborate with key stakeholders on remediation, provide guidance, and follow through vulnerability closure.
• Perform data analysis at scale and drive informed decisions with vulnerability prioritization and remediation campaigns.
• Manage requests for False Positives, Exceptions, and Risk Acceptance for vulnerabilities.
• Prioritize emerging threats and 0days as they surface through Threat Intelligence.
• Collaborate with partner teams in IS and application teams Bank-wide to drive remediation and build rapport.

Metrics, Reporting & Dashboards

• Report and track metrics, KPIs, and KRIs with proactive escalations to maintain risk within acceptable appetite.
• Create and maintain operational dashboards to enable Self-Service for remediation teams.
• Create impactful presentations to deliver key metrics and data to senior leadership.

Process Improvement & Documentation

• Work within Agile framework to deliver incremental value.
• Consistently seek opportunities to improve EVM processes and demonstrate measurable impact towards reducing inefficiencies through implementation of Lean practices.
• Create and maintain meticulous documentation about team processes to ensure auditable procedures and clear guidance for new and junior team members.
• Assist team on more complex issues and questions as they arise, training team to improve collective knowledge and understanding.
• Stay abreast of emerging technologies, actively engage in continuous learning to master new skills, and contribute to culture of continuous improvement and professional growth.
• Contribute to the evolution of the Program and contribute to additional duties and projects as appropriate.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

• At least 6 years of related hands-on experience in Vulnerability Management, IS Engineering or similar Information Security domains.
• Strong understanding of security concepts, best practices, and articulate risk.
• Skill in effective oral and written communication, including presentations to Senior management, various levels of business and IT stakeholders, and technical resources.
• Strong analytical and problem-solving skills.
• Strong attention to detail.
• Strong collaboration skills.
• Experience working with scripting is a plus.
• Bachelor's degree in computer science/information systems or equivalent combination of education and experience. Master's degree a plus.
• Industry Standard Certifications such as, but not limited to: CompTIA Security+, CISSP, CISM, GIAC and AWS are preferred.

At Fifth Third, we understand the importance of recognizing our employees for the role they play in improving the lives of our customers, communities and each other. Our Total Rewards include comprehensive benefits and differentiated compensation offerings to give each employee the opportunity to be their best every day.

The base salary for this position is reflective of the range of salary levels for all roles within this pay grade across the U.S. Individual salaries within this range will vary based on factors such as role, relevant skillset, relevant experience, education and geographic location. In addition to the base salary, this role is eligible to participate in an incentive compensation plan, with any such payment based upon company, line of business and/or individual performance.

Our extensive benefits programs are designed to support the individual needs of our employees and their families, encompassing physical, financial, emotional and social well-being.You can learn more about those programs on our 53.com Careers page at: https://www.53.com/content/fifth-third/en/careers/benefits.html or by consulting with your talent acquisition partner.

Attention search firms and staffing agencies: do not submit unsolicited resumes for this posting. Fifth Third does not accept resumes from any agency that does not have an active agreement with Fifth Third. Any unsolicited resumes - no matter how they are submitted - will be considered the property of Fifth Third and Fifth Third will not be responsible for any associated fee.

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.