What are the responsibilities and job description for the AVP Cloud Vulnerability Management Engineer position at LPL Financial?
Job Overview :
As a member of the Information Security team, the AVP Cloud Vulnerability Management Engineer will be responsible for developing, maturing, and supporting the Cloud Security program with an emphasis on identifying, prioritizing and tracking vulnerabilities and misconfigurations in cloud or external resources. This position will partner with Cloud Engineering and other Information Security teams to ensure that company private cloud resources are securely configured and maintained to address cyber threats. Additionally, this position will implement and manage external attack surface monitoring capabilities to proactively identify and track potential external risks.
Cloud security and attack surface management is a top area of focus at LPL. This is an exciting time to join the Information Security team as we are continuing to build and mature the program.
Responsibilities :
Develop and implement an end-to-end process for managing cloud vulnerabilities, misconfigurations, and external exposures
Review, implement, and maintain cloud security posture management policies to identify misconfigurations or vulnerabilities in cloud resources
Develop and maintain a framework for assessing and prioritizing cloud security and external attack surface management alerts based on risk
Work with appropriate remediation teams to prioritize remediation efforts, review potential false-positives and evaluate potential mitigating factors
Automate the communication of cloud security and attack surface management alerts to remediation stakeholders for actioning by configuring integrations with issue tracking tools
Produce and track routine reports / metrics on cloud vulnerabilities and misconfigurations
Partner with Security Engineering to implement and manage Cloud Security Posture Management tools to perform automated security scanning / analysis of cloud resources, including containers and serverless functions
Implement and manage external attack surface management tool policies
Monitor and review CVEs, industry developments, and provide inputs for continuous improvement
Work with Internal Audit, IT Governance, IT Compliance and other key stakeholder groups on specific projects to ensure compliance with applicable regulatory requirements
Act as an SME in the area of Cloud Security and external attack surface management
What are we looking for?
We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.
Requirements :
5 years of Cloud experience specifically working with AWS and Azure environments
5 years of experience managing and using Cloud Security Posture Management and External Attack Surface Management scanning tools such as Wiz, Xpanse, Prisma, Lacework, Orca
5 years of experience with reviewing, analyzing, managing, and remediating security vulnerabilities and misconfigurations in cloud resources
Preferences :
Bachelor’s Degree or equivalent in Information Security, Engineering, Computer Science
Advanced level of knowledge of the major Cloud platforms, the types of resources that can be deployed within each platform, common cloud misconfigurations / vulnerabilities and how to fix such issues
Understanding of the OWASP Top 10 Cloud Native Application Security Risks, how to identify them, and architecture and design approaches to mitigate them
Experience developing controls to secure Cloud native applications
Strong scripting experience in languages such as PowerShell, Python, and Bash
Strong analytical, interpersonal and communication skills
Pay Range :
$118,988-$198,313 / year
Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more. Your recruiter will be happy to discuss all that LPL has to offer!
Company Overview :
LPL Financial Holdings Inc. (Nasdaq : LPLA) was founded on the principle that the firm should work for advisors and institutions, and not the other way around. Today, LPL is a leader in the markets we serve, serving more than 23,000 financial advisors, including advisors at approximately 1,000 institutions and at approximately 580 registered investment advisor ("RIA") firms nationwide. We are steadfast in our commitment to the advisor-mediated model and the belief that Americans deserve access to personalized guidance from a financial professional.
At LPL, independence means that advisors and institution leaders have the freedom they deserve to choose the business model, services, and technology resources that allow them to run a thriving business. They have the flexibility to do business their way. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors and institutions, so they can take care of their clients.
Join LPL Financial : Where Your Potential Meets Opportunity
At LPL Financial, we believe that everyone deserves objective financial guidance. As the nation’s leading independent broker-dealer, we offer an integrated platform of cutting-edge technology, brokerage, and investment advisor services.
Salary : $118,988 - $198,313