New York Life Insurance Company ( York Life companys the largest mutual life insurance company in the United States*. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.

New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion. As of year-end 2016, New York Life's surplus was $23.336 billion**. New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody's Aaa; Standard & Poor's AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).

Financial strength, integrity and humanity-the values upon which New York Life was founded-have guided the company's decisions and actions for over 170 years.

New York Life is seeking a Vulnerability Management Analyst who will ensure continuous vulnerability life cycle management within the corporate environment; including but not limited to; monitoring, collection, reporting, and assessment of impact for vulnerability related data from vendors and internal threat intelligence sources.

Responsibilities

Perform as a vulnerability management analyst across the following areas key areas at New York Life: Microsoft platform (e.g.; Server, Workstation, applications), Open Systems platforms (e.g.; Linux, UNIX, VM Ware ESX), Java, Adobe, Web Applications, Java web app virtualization platforms (e.g.; WebSphere), Networking, Databases (e.g.; Oracle, SQL Server, DB2, etc), and others.

• Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.
• Able to successfully partner with other security and IT infrastructure professionals to assess potential impact from vulnerabilities specific to New York Life's environment and determine appropriate mitigating controls.
• Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a level acceptable by New York Life.
• Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner; across traditional infrastructure and in cloud environments.
• Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
• Be a champion for vulnerability management and information security; including broadening awareness, use of the team's services and education of security best practices.
• Provide mentorship and support to teammates with regard to vulnerability assessment and mitigation techniques and approaches.
• Using a risk based approach, analyze New York Life vulnerability data against open / closed information sources to best prioritize vulnerability hygiene activities.
• Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.

Job Qualifications

• Familiar with industry standard security best practices and vulnerability management processes; including vulnerability management standards and regulatory compliance reporting
• Experience with vulnerability scanning tools (Qualys preferred) and other vulnerability and risk management reporting platforms (RiskSense Preferred).
• Demonstrate knowledge of IT security / hardening best practices; including but not limited to operating systems (e.g.; Windows, Unix, Linux), web applications, and network devices.
• Demonstrated knowledge of networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, etc)
• Excellent analytical and problem solving skills.
• Demonstrated ability to participate in cross functional teams; including offsite, remote and with offshore resources.
• Experience working in very large enterprise environment with diverse teams.
• Self-directed, works with minimal guidance, and recognizes when guidance needed.
• Demonstrated ability to stay contemporary with the evolving security technology space.

Knowledge of NY DFS, NIST, COBIT, PCI, HIPAA, ISO, and other control frameworks. * CISSP, GCIH, GPEN, or other acceptable industry certifications preferred.

General Experience, Education and Professional Certifications:

• Minimum 3-5 years of operational experience in IT Security
• BA/BS Degree in Engineering, Computer Science, or equivalent experience in Cyber Security and Engineering.
• Preferred: CompTIA Security+, SSCP, or similar certifications

Work Location: Clinton, NJ, Atlanta, or Jersey City is sokay

SF: LI-CC1

EOE M/F/D/V

If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.

*Based on revenue as reported by tune 500, ranked within Industries, Insurance: Life, Health (Mutual),rtune Magazine, June 17, 2016. See for methodology.

**Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company's long-term financial strength and stability and is presented on a consolidated basis of the company.

1. Operating earnings is the key measure use by management to track Company's profitability from ongoing operations and underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments Company believes to be appropriate as a measurement approach (non GAAP), primarily the removal of gains or losses on investments and related adjustments.

2. Assets under management represent Consolidated Domestic and International insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.

Nearest Major Market: New Jersey

Job Segment: