Vulnerability Management Analyst
CurrentVulnerability Management Analyst supporting the Application Security Program responsible for the identification, assessment, and risk based prioritization of both internal and external vulnerability findings across all Synchrony IT assets. - Recognized as technical remediation and data analytics subject matter expert (SME), expertise is leveraged to provide support and oversight for Vulnerability Management Team (VMT) process improvement efforts, the automation of data pipelines, and enhancements to program scanning/reporting/metrics coverage. - Engage with application/asset owners, technical support teams, and VM liaison stakeholders to support proactive assessment, remediation, and risk treatment of critical/high risk findings in compliance with VM Program standard defined remediation timeframes and risk thresholds. - Support tactical operations of the VMT to ensure SLA's for mission critical deliverables maintained as well as actively lead special initiatives to streamline upstream supporting processes and team member activities. - Primary POC task owner for quarterly external Approved Scanning Vendor (ASV) scanning/reporting for Payment Card Industry (PCI) compliance remediation engagement and findings attestation evidence collection/submission. - Primary POC task owner for the maintenance and optimization of data ETL pipelines and vulnerability scanner platform/tool/agent resources in use by the VMT. Duties involve development and implementation of report validation processes, health check monitoring dashboards, outage/incident technical support, and documentation/tracking of issues.