AVP, Vulnerability Management Engineer

Are you curious to learn? Are you interested in working on meaningful projects? Do you want to work with cutting-edge technology? Are you interested in being part of a team that is working to transform and do things differently? If so, LPL Financial is the place for you!

Job Overview:

LPL Financial is in search of an AVP - Vulnerability Management Engineer to mature and operate the existing VM program at LPL. As a member of the Information Security organization, the AVP Vulnerability Management Engineer will play a key role in ensuring that security vulnerabilities are effectively identified and managed within the environment. A successful candidate can expect to work closely with infrastructure, engineering, and application teams to ensure that vulnerabilities are remediated.  The AVP, Vulnerability Management Engineer is expected to identify solutions for common security problems while participating in a broader Information Security team focused on building relationships with stakeholders throughout the organization. This role will be expected to lead complex projects with minimal oversight.

Responsibilities:

• Perform as a vulnerability management SME in several of the following areas: Microsoft platform (Server, workstation, applications), Open Systems platforms (Linux, UNIX, VM Ware ESX), virtualization platforms (e.g. Citrix), Networking, Databases (Oracle, SQL Server, DB2, IMS), and Cloud (AWS, Azure, Google).

• Lead efforts to define/implement processes, policies, and procedures to govern vulnerability remediation, external attack surface, and compliance policy scanning efforts and track open vulnerabilities/issues from identification to resolution, following up with remediation owners and escalating risk as necessary

• Assist with the implementation, management and maintenance of vulnerability management and external attack surface platforms/tools, including troubleshooting and resolving technical/functional issues and ensuring successful platform operations

• Configure integrations between vulnerability management/external attack surface and issue tracking tools to most effectively communicate and track identified vulnerabilities

• Develop scripts and implement automated mechanisms to automate manual processes and tasks for gathering and consolidating information

• Configure and maintain custom compliance policy scanning rulesets based on CIS benchmarks and develop automated processes for reporting results to stakeholders

• Lead and drive large initiatives with enterprise level visibility to improve the Vulnerability Management program

• Help mentor other vulnerability management analysts

• Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to LPL Financials environment, and determine and implement mitigating controls.

• Identify and recommend appropriate measures to manage and remediate vulnerabilities or security exposures and reduce potential impacts on information resources to a level acceptable to the senior management of the company.

• Be a champion for vulnerability management and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas.

• Perform manual testing of vulnerabilities and exploits leveraging tools such as Metasploit, NMAP, and BurpSuite to identify false positives, validate security defenses and identify risk areas

• Understands vulnerability exploitation techniques and stays up to date on the latest vulnerabilities and exploits

• Develop and improve KPIs, metrics, and trending for vulnerability management functions.

What are we looking for?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

Requirements:

• 7+ years of practical experience in information security field within a large enterprise environment

• 5+ years of vulnerability management experience, including directly managing scanning tools (ex. Qualys, Rapid7, Tenable) and understanding types of vulnerabilities and techniques/compensating controls to mitigate associated risk

• 3+ years of managing and configuring external attack surface management platforms (ex. AssetNote, XPanse, CyCognito)

Preferences:

• Bachelors and/or Master’s Degree or equivalent in Information Security, Engineering, Computer Science.

• Experience building/managing integrations between vulnerability management tools with issue tracking tools (ex.JIRA, ServiceNow)

• Experience developing custom scripts to automate processes and consolidate data from different sources

• Strong analytical, interpersonal and communication skills

• Experience leading large scale technology and process improvement initiatives

• Experience creating and managing policy, processes and procedure documents

• Experience at a financial services/technology company or in a regulated industry.

• Ability to communicate with both technical and non-technical stakeholders at all levels of the organization.

• Experience managing security configuration hardening policy scanning programs and familiarity with CIS benchmarks

• Experience developing PowerBI dashboards

• ServiceNow Vulnerability Response administrator and/or development experience

#LI-Hybrid

#LI-PA

Pay Range:

$118,988-$198,313/year
 Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more. Your recruiter will be happy to discuss all that LPL has to offer!
 

Company Overview:

LPL Financial Holdings Inc. (Nasdaq: LPLA) was founded on the principle that the firm should work for advisors and institutions, and not the other way around. Today, LPL is a leader in the markets we serve, serving more than 23,000 financial advisors, including advisors at approximately 1,000 institutions and at approximately 580 registered investment advisor ("RIA") firms nationwide. We are steadfast in our commitment to the advisor-mediated model and the belief that Americans deserve access to personalized guidance from a financial professional.

At LPL, independence means that advisors and institution leaders have the freedom they deserve to choose the business model, services, and technology resources that allow them to run a thriving business. They have the flexibility to do business their way. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors and institutions, so they can take care of their clients.

Join LPL Financial: Where Your Potential Meets Opportunity

At LPL Financial, we believe that everyone deserves objective financial guidance. As the nation’s leading independent broker-dealer, we offer an integrated platform of cutting-edge technology, brokerage, and investment advisor services.

Why LPL?

• Innovative Environment: We foster creativity and growth, providing a supportive and responsive leadership team. Learn more about our leadership team here!

• Limitless Career Potential: Your career at LPL has no limits, only amazing potential. Learn more about our careers here!

• Unified Mission: We are one team on one mission—taking care of our advisors so they can take care of their clients. Learn more about our mission and values here!

• Impactful Work: Our size is just right for you to make a real impact. Learn more here!

• Commitment to Equality: We support workplace equality and embrace diverse perspectives and backgrounds. Learn more here!

• Community Focus: We care for our communities and encourage our employees to do the same. Learn more here!

• Benefits and Total Rewards: Our Total Rewards package goes beyond just compensation and insurance. It includes a mix of traditional and unique benefits, perks, and resources designed to enhance your life both at work and at home. Learn more here!

Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.

Information on Interviews:

LPL will only communicate with a job applicant directly from an @lplfinancial.com email address and will never conduct an interview online or in a chatroom forum.  During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card.  Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (855) 575-6947.

EAC1.22.25