Vulnerability Management Analyst


Date: Jul 29, 2022

Location: Remote, NY, US

Company: New York Life Insurance Co



When you join New York Life, you’re joining a company that values career development, collaboration, innovation, and inclusiveness. We want employees to feel proud about being part of a company that is committed to doing the right thing. You’ll have the opportunity to grow your career while developing personally and professionally through various resources and programs. New York Life is a relationship-based company and appreciates how both virtual and in-person interactions support our culture.


The Vulnerability Management Analyst is an experienced IT professional responsible for providing advanced expertise to assure the effective performance of NYL’s Vulnerability and Secure Configuration Management programs for both on premise and cloud environments. This is a senior technology position within the Technology Security organization that will provide in depth day to day technical guidance to, and management of, a team of engineering and analyst resources.


The well qualified candidate will apply his/her detailed technical expertise to provide guidance and oversight in the monitoring and management of vulnerability identification, remediation and, configuration management activities as part of NYL’s vulnerability management program; as well as day to day and developmental guidance for a growing team.


The successful candidate must also be capable of providing technical direction and guidance to other security related technical teams within the Technology Security organization and the broader technology platform teams associated with enterprise technology.

The candidate must be capable of evaluating system performance results, performing risk assessments, evaluating performance metrics, and directing complex short term/long term high visibility projects.


Role & Responsibilities

  • Provides oversight and guidance to a team of technical security professionals; responsible for managing the engineering of the vulnerability and configuration management risk identification and remediation processes. Knowledge of platforms such as Qualys and RiskSense (or another risk analysis tool) a plus.
  • Oversees the build of new elements of the vulnerability management and configuration management technology strategy at New York Life.
  • When provided with an objective to improve performance in their area(s) of technology; develops and implements action plans.
  • Leads planning activities for vulnerability management security areas providing insight into the future of their assigned areas of expertise.
  • Manages the analysis of the performance of installed vulnerability management technologies. Proposes and implements any required changes to improve performance, including identifying and planning for any resulting impacts on other technologies.
  • Provides technical direction and guidance for the problem management process, including assessing and evaluating system anomalies.
  • Ensures Vulnerability management teams collaborate with threat intelligence and monitoring team(s) to engineer solutions that will monitor the performance of the security infrastructure supporting various technologies.
  • Manages the delivery of engineering documentation and/or implementation instructions prior to implementation.
  • Participates in ongoing 3rd level support and troubleshooting for installed technical solutions, able to resolve nearly all engineering issues in their assigned areas of expertise.
  • Provides coaching to less experienced staff to encourage quality and consistent approaches to engineering.
  • Leads cross-functional teams to deliver technology implementation projects.
  • Maintains contemporary knowledge of current and future security technologies and architectures.


Required Qualifications:

  • Well versed in vulnerability management and security products such as; Qualys, Tanium, Nessus, Rapid7, RiskSense, CloudAware, Burp Suite and other similar products for both on premise utilization and in the cloud.
  • Engineering support and management experience (Tier II, Tier III, network infrastructure implementation and maintenance) focusing on infrastructure security and vulnerability management.
  • Direct experience in planning, implementing, and managing enterprise security infrastructure
  • Experienced with managing and performing root cause analysis, risk identification, and risk mitigation.
  • Contemporary experience understanding the areas of system and vulnerability management and security configuration management for on premise and cloud environments.
  • Interpersonal skills including the ability to; collaborate effectively, manage challenging relationships, assist more junior staff developmentally and display excellent written and oral communications.
  • Significant hands-on experience with maintenance, support and problem resolution for vulnerability scanning technologies like Qualys and platforms used in the automation of said technologies. Experience should include automation of maintenance and support functions for assigned areas of expertise to support continuous improvement of quality and consistency of operational tasks.
  • Prior Windows and/or UNIX scripting experience is a plus – Perl, PowerShell, and UNIX Shell Scripting.
  • Prior UNIX administration experience- Sun Solaris, BSD, LINUX; UNIX.
  • Additional preferred experience – AWS and MSFT Azure / O365 cloud integrations.


General Experience, Education and Professional Certifications:

  • Minimum 3-5 years of expanding responsibility in technology security
  • BA/BS Degree in Engineering (not required), Computer Science, or equivalent experience in Cyber Security and Engineering.
  • CISSP or CCSP Preferred (GWAPT, CCSP, GXPN a plus!)
  • AWS Certified Security Specialist preferred




Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We're proud that due to our mutuality, we operate in the best interests of our policy owners. We invite you to bring your talents to New York Life, so we can continue to help families and businesses “Be Good At Life.” To learn more, please visit LinkedIn, our Newsroom and the Careers page of

Job Requisition ID: 87001




Job Segment: System Administrator, Unix, Cyber Security, Social Media, Engineer, Technology, Security, Marketing, Engineering