Vulnerability management Analyst

Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

As a Vulnerability management Analyst you will be responsible for development and maintenance of the full lifecycle of vulnerability management service from discovery, analyzing, triage, advising, remediation and validation.

What You'll Do:

• As a Vulnerability management analyst, you will play a crucial role in maintaining the security posture of Amex GBT infrastructure.
• You will collaborate with cross-functional teams for maintenance of vulnerability management services, vulnerability scanning, vulnerability assessment, providing advisory and tracking support for vulnerability remediation.
• Review vulnerability management plans , develop and maintain documentation related to policies, procedures, and best practices.
• Operate and configure tools used for vulnerability testing and identification.
• Coordinate with Infrastructre and application teams regarding scanning schedule , scope review , analyze , validate and report on vulnerability scan results.
• Perform security testing activities, such as penetration testing and application/vulnerability assessment.
• Respond to security incidents, conduct root cause analysis, and implement corrective actions.
• Research and analyze security advisories and bulletins.
• Utilize vulnerability management infrastructure that includes scanners (Qualys, Wiz, DAST, SAST).
• Assist with security risk assessments, IT audits (PCI/SOC/third party audits).
• Develop and maintain key performance indicators(KPI) to measure the effectiveness of the Mean Time to Remediate (MTTR).
• Generate regular reports and dashboards to communicate vulnerability status, trends, and program effectiveness to stakeholders.

What We’re Looking For:

• Minimum of 5 years of professional experience in cyber security role and three years of experience in vulnerability management.
• Experience conducting vulnerability scans, including configuration & use of tools such as Qualys and manage findings with centralized vulnerability management tool.
• Knowledge of cybersecurity frameworks, controls , standards and best practices.
• Familiarity with Security Control Systems and Frameworks (e.g., SOX, PCI-DSS, ISO).
• Adaptability in a remote-first, international team.
• Excellent communication skills: Ability to translate technical cybersecurity concepts into clear, actionable terms for diverse audiences.
• Excellent problem-solving, analytical, and communication abilities.
• Bachelor's degree in Computer Science, Engineering or a related technical field.
• Motivational attitude: Positive and proactive approach to leading change in the face of cybersecurity challenges.
• Industry knowledge: Familiarity with corporate security programs, compliance standards, and risk management processes.

Location

The US national base salary range for this position is from 

The national range provided includes the base salary that GBT expects to pay for the role.  Actual base salary will be based on factors including the scope and complexity of the role and the successful candidate’s relevant experience, skills, knowledge, and work location.

In addition to base salary, the anticipated range of which is posted above, this role is eligible for a discretionary annual bonus which rewards participants based on individual and/or company performance.

For information about our comprehensive US benefits programs and eligibility, please review our Benefits-at-a-Glance document.

Benefits at a glance

The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

• Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and wellbeing resources to support you and your immediate family.

• Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

• Develop the skills you want when the time is right for you, with access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

• We strive to champion Inclusion in every aspect of our business at Amex GBT. You can connect with colleagues through our global INclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.

• And much more!

All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.

Click Here for Additional Disclosures in Accordance with the LA County Fair Chance Ordinance.

Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult the Amex GBT Recruitment Privacy Statement.

What if I don’t meet every requirement? If you’re passionate about our mission and believe you’d be a phenomenal addition to our team, don’t worry about “checking every box;" please apply anyway. You may be exactly the person we’re looking for!