What are the responsibilities and job description for the Vulnerability Management Analyst position at American Eagle Financial Credit Union Incorporated?
Location – East Hartford, CT Hybrid
You Are
A Strategic Cybersecurity Professional
A Data-Driven Decision Maker
You transform complex security data into clear insights that inform priorities and strengthen security posture.
A Continuous Improvement Champion
You advance processes and drive change across security operations.
A Collaborative Partner
You influence positive outcomes and support cross-functional teams to support enterprise-wide security objectives.
Key Responsibilities
Vulnerability Management Operations:
- Administer and maintain vulnerability scanning tools, including configuration, scheduling, and execution of scans
- Analyze, validate, and prioritize vulnerabilities based on risk, asset criticality, and threat intelligence
- Develop and manage vulnerability remediation tracking using scanning tools, SQL-based queries, and reporting
- Maintain awareness of emerging and publicly disclosed vulnerabilities through external intelligence sources (e.g., FS-ISAC, CISA, NVD, MSSP, Vendor security advisories)
- Maintains current knowledge of the threat landscape including attacker tactics, techniques and procedures
Risk Analysis, Reporting, and Continuous Improvement:
- Develop and maintain vulnerability management metrics, dashboards, and key risk indicators to measure program effectiveness
- Analyze vulnerability trends and provide actionable insights to guide risk-based prioritization
- Prepare and deliver clear, concise reports for IT leadership, risk committees, and technical stakeholders
- Contribute to the development of vulnerability management strategy and ongoing process improvements
- Initiate and support automation initiatives for vulnerability identification, classification, reporting, and tracking
- Find and help deploy uses cases for AI to improve analysis and presentation of vulnerability data
Cross-Functional Collaboration and Security Program Support:
- Partner with Network Services and other technical teams to support vulnerability remediation and mitigation efforts (Patching and remediation are outside the duties of this role, and is instead performed by Network Services)
- Facilitate vulnerability exception processes, including tracking, reporting and escalation procedures
- Administer and monitor anti-phishing and brand protection processes and reporting
- Support of security tools and processes including SIEM, IDS/IPS, DLP, firewall governance, and access reviews
- Assist with third-party assessments, internal audits, and security baseline development for new technologies
- Maintain and update security documentation, standards, and operational procedures
- Performs additional duties as assigned
Education and/or Experience
This role requires Subject Matter Expertise and the ability to provide mentorship, guidance, and training to other team members. While this level of expertise will generally be attained with a minimum of 5 years of experience in Information Security, including 2 years in vulnerability management, and a Bachelor’s degree in a computer science, cybersecurity, or related field (preferred) or High School Diploma/GED.
Priority will be placed upon demonstration of the ability to meet qualifications without an absolute focus on duration of experience, in recognition that such expertise may be developed at different paces by individuals.
Certificates, Licenses and Registrations (if applicable):
- Preferred: CISSP, CISA
- Additional relevant certifications: CCSP, GSEC, NCSF, CompTIA Security
- Vulnerability management platform certifications (e.g., Nessus, Rapid7) strongly preferred
Opportunities for Growth
AEFCU is an Equal Opportunity Employer, Veterans/Disabled