Department Leader - Attack Surface Management
Company: EDWARD JONES
Location: Jefferson City
Posted on: September 13, 2023
Job Description:
At Edward Jones, we help clients achieve their serious,
long-term financial goals by understanding their needs and
implementing tailored solutions. To ensure a personal client
experience, we have located our 15,000+ branch offices where our
more than 7 million clients live and work.
In a typical branch office, a financial advisor meets with clients
and receives branch office support, so they can focus on building
deep relationships with clients. Headquarters associates in St.
Louis, Tempe and Mississauga provide support and expertise to help
U.S. and Canada branch teams deliver an ideal client experience. We
continue to grow to meet the needs of long-term individual
investors.Team Overview :
In 2022, Edward Jones invested $ 1 billion in technology
infrastructure, digital initiatives, and virtual business
enablement tools. We're currently in the test and learn phase and
are looking for talented, motivated professionals, that want to be
part of this transformational journey. Cloud-based architecture and
modern technical capabilities will enable us to grow our impact
while providing the best client experience possible.
You may be surprised to know that Edward Jones employs thousands of
technical resources - all focused on creating world-class
experiences for our clients and branch offices. If you've
considered Edward Jones in the past, it's time to take another
look. We are in the midst of embracing a modern, cloud-based
architecture and are looking for exceptional individuals that want
to be a part of that future.
What you'll do :
As the Department Leader for Attack Surface Management, you are a
key member of the Information Security leadership team. You will
work with other leaders to make key decisions in protecting the
firm from advanced cyber-attacks. This role will primarily focus on
protecting and defending Edward Jones by utilizing scanners,
penetration tests, and attack surface management platforms to
identify and reporting on vulnerabilities in meaningful and
actionable ways. This role requires a balance of technical
expertise and clear communications under high pressure situations
to effectively maintain control and lead across a multitude of
teams. You will personally set the strategy for all capabilities
within the Attack Surface Management organization, as well as serve
as a partner for the various teams responsible for patching and
remediation.
Here are a few of the key responsibilities you will be a part of
:
- Responsible for the strategic and operational aspects of the
vulnerability scanning, configuration scanning, security
assessments, penetration testing, reporting, and dissemination
functions
- Provide security services that align with business objectives
and regulatory requirements
- Provide briefings for our CISO and stakeholders to keep them
informed on the latest state of critical vulnerabilities and
general state of patching
- Serve as the security leader for major or high-profile patching
initiatives, such as critical 0-day vulnerabilities
- Provide timely and relevant updates to appropriate executives,
leaders, and decision makers
- Set and implement a schedule for executing penetration tests
against applications using a risk-based prioritization
- Schedule and oversee third-party, independent assessments of
critical initiatives and environments
- Work as a partner with the Application Security Team to ensure
streamlined reporting of vulnerabilities across the
environments
- Ensure the development of processes and procedures to improve
vulnerability management, configuration management, attack surface
management, penetration testing, and reporting functions
- Establish meaningful KPIs for team performance & SLAs/OLAs with
a mindset of continuous improvement
- Establish meaningful KRIs for identifying key areas of risk and
working with Tech Risk Management and Enterprise Risk Management
with a mindset of continuous risk management
- Recommend and help select new and emerging data-driven security
solutions and technologies to improve the area and overall vendor
management
- Develop relationships with external security organizations to
maintain awareness of security issues and trends
- Train and mentor othersWhat you'll need :
- Bachelor's degree and/or relevant work experience
- 12+ years of professional experience within technology or
related field including :
- 6+ years in vulnerability management or penetration testing, as
well as significant contributions to related strategies in those
areas
- 4+ years of management/leadership experience
- Subject matter experience obtained by performing or leading
activities in the following subjects :
- implementing vulnerability scanners, implementing attack
surface management platforms, managing configuration management
programs, managing penetration tests, utilizing platforms for
threat-based prioritization of patching and managing large-scale
zero-day remediations
- Ability to direct independently and to collaborate effectively
with local and remote teams with a strong focus on performance and
delivery
- Advanced knowledge and understanding of security issues, risks,
concepts, and terminology
- Proven ability to effectively communicate vulnerability
details, technical analysis, and prioritization decisions within
all levels of the organization, as well as with external
parties
- Excellent interpersonal and organizational skills are needed to
prioritize tasks and serve as a leader for enterprise security
initiatives
- While not directly responsible for patching, the candidate
needs to be a strong leader that can partner with teams to drive
patching and remediation efforts
- 100 Best Workplaces for Millennials in 2022, published Fortune
July 2022, Great Places to Work - data as of March 2022.
Compensation provided for using, not obtaining, the rating.
- Edward Jones was recognized as one of the Best Workplaces for
Millennials by Great Places to Work - and Fortune - magazine. The
privately held firm ranked No. 2 overall, in its fourth appearance
on the list.2022 Fortune Best Workplaces for Women, published
September 2022, research by Great Places to Work -, data as of
August 2021. Compensation provided for using, not obtaining, the
rating.
Edward Jones has been named to the
2022 Best Workplaces for Women list by Great Places to Work - and
Fortune - magazine, ranking No. 45.2022 Fortune's 100 Best
Companies to Work For, published April 2022, research by Great
Place to Work -, data as of August 2021. Compensation provided for
using, not obtaining, the rating.
For the 23rd time, Edward Jones has
earned a spot on the Fortune 100 Best Companies to Work For -
ranking by Great Places to Work - and Fortune - magazine. Edward
Jones ranked No. 35 on the prestigious 2022 list.2022 Best Places
to Work For LGBTQ+ Equality, Great Place to Work - in partnership
with Human Rights Campaign Foundation, published Equity Magazine
January 2022, data as of July 2021. Compensation provided for
using, not obtaining, the rating.
Edward Jones scored 100 percent on
the Human Rights Campaign Foundation's 2022 Corporate Equality
Index (CEI) the nation's foremost benchmarking survey and report
measuring corporate policies and practices related to LGBTQ+
workplace equality. The ranking designated Jones as one of the best
places to work for LGBTQ+Equality.Edward Jones does not
discriminate on the basis of race, color, gender, religion,
national origin, age, disability, sexual orientation, pregnancy,
veteran status, genetic information or any other basis prohibited
by applicable law.At Edward Jones, we value and respect our
associates and their contributions, and we recognize individual
efforts through a rewards program that promotes a long-term career,
financial security and well-being. to learn more about our total
compensation approach, which in addition to base salary, typically
includes benefits, bonuses and profit sharing. The salary range for
this role is based on national data and actual pay is based on
skills, experience, education, and other relevant factors for a
potential new associate:
Salary: $131635 - $224136
Category: Headquarters
Keywords: EDWARD JONES, Jefferson City , Department Leader - Attack Surface Management, Executive , Jefferson City, Missouri
Didn't find what you're looking for? Search again!
Loading more jobs...