Cyber Security Analyst - Associate

Join to apply for the Cyber Security Analyst - Associate role at SMBC Group

SMBC Group is a top-tier global financial group with a rich history of 400 years, headquartered in Tokyo. It offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group operates over 130 offices worldwide and employs more than 80,000 people across nearly 40 countries. Its holding company, Sumitomo Mitsui Financial Group, Inc. (SMFG), is one of Japan's three largest banking groups, with shares traded on the Tokyo, Nagoya, and NYSE markets.

In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru, providing a range of banking services to corporate, institutional, and municipal clients through its various subsidiaries. The role offers an anticipated salary range of $97,000 to $154,000, based on qualifications and market conditions, along with potential annual incentives and benefits.

As a Vulnerability Management Analyst, you will be a key part of a high-performing SOC team, focusing on improving our cybersecurity capabilities to protect SMBC Group. You will bring your passion for cybersecurity to ensure effective vulnerability remediation and keep pace with evolving threats. Your responsibilities include working with IT owners to identify and mitigate risks targeting our networks, applications, and infrastructure.

The team is responsible for identifying, analyzing, mitigating, and reporting vulnerabilities, adopting a proactive, risk-based approach to safeguard the bank’s assets and reputation. Your tasks will involve configuring scans, researching threats, analyzing datasets, conducting risk assessments, coordinating remediation, and reporting compliance and improvement opportunities across the enterprise.

• Triage vulnerability alerts from various sources to assess impact
• Configure and validate vulnerability scans and checks
• Collaborate with business units for assessments, risk reduction, and remediation supervision
• Conduct attack surface risk modeling and communicate high-risk areas
• Produce vulnerability management reports and statistics
• Optimize vulnerability management tools and processes
• Coordinate with the Optimization team for detections and mitigations
• Support continuous improvement by investigating new risks

• 2+ years of experience in security, IT, compliance, audit, risk management, or related fields
• Bachelor's degree in Information Technology, Computer Science, or similar (preferable)
• Strong understanding of MITRE ATT&CK framework, vulnerabilities, and exploits
• Analytical and problem-solving skills
• Knowledge of networking concepts and operating systems
• Ability to analyze large datasets and prioritize tasks
• Excellent communication skills
• Proactive, diligent, and organized
• Skills in scripting and automation are a plus
• Knowledge of cloud and containerized environments is a plus

SMBC employs a hybrid work model requiring employees to live within commuting distance of their office. Specific schedules will be discussed during interviews. Reasonable accommodations are available for applicants with disabilities.

• Seniority level: Associate
• Employment type: Full-time
• Job function: Information Technology
• Industries: Banking, Financial Services, IT Services, and Consulting