Job Description

Job Classification:

Technology - Information Security

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions.

Your Team & Role

As a Specialist, Vulnerability Management for Cloud/Containers on the Attack Surface Management Team, you will partner with other security professionals across the Information Security Office, the Chief Technology Office, and other groups in Prudential to drive Prudential’s Cloud security efforts across the global enterprise.

You will support implementation and operational best practices, while contributing to or owning deliverables and project workstreams around cloud security maturity. You will also perform triage of issues related to technology configuration, software weaknesses, build/deployment, and process challenges. You will work on significant and unique issues where analysis of situations or data requires an evaluation of intangible variables and may impact future concepts, products or technologies to ensure security of our products and customers! In addition to applied experience, you will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.

Here is What You Can Expect on a Typical Day

• Contribute to the design, development, implementation, and enhancement of Prudential’s cloud and container monitoring and assessment capabilities
• Triage, prioritize, drive remediation, and validate mitigating controls of cloud and container-related vulnerability/misconfiguration findings
• Proactively identify and implement security improvements in the environment, especially those related to prevention and validation. Examine current state, industry/technology trends, and business requirements to drive innovation.
• Provide SME guidance to stakeholders on remediation, prioritization, and mitigations
• Provide updates regarding vulnerabilities across multiple platforms and groups
• Share and evolve reporting metrics that relay proper risk posture to leadership
• Ideate and implement improvements to processes, metrics, and documentation to mature vulnerability management capabilities.
• Partner with leadership to set direction for the future of the Attack Surface Management program, while ensuring an accurate understanding and in-depth knowledge of daily operations to provide recommendations to team objectives.
• Develop security policies and compliance initiatives derived from industry standards

The Skills & Expertise You Bring

• Bachelor of Computer Science/Engineering or formal experience in related fields
• Demonstrated expertise in cloud and container security
• Skilled in vulnerability assessment, risk prioritization, and threat correlation
• Familiarity with vulnerability and security scanning tools, as well as common vulnerability data sources and frameworks (CVE, CVSS, EPSS, CWE)
• Experience improving vulnerability management platforms, processes, and assessments
• Ability to collaborate with engineering teams to provide SME knowledge of vulnerabilities, validate risk reduction effectiveness and false positives, and consult on mitigations
• Engineering mindset – systems thinking, creative problem solving, deductive reasoning
• Effective communication and documentation

Preferred qualifications:

• Expertise in container technologies (Docker, Kubernetes, EKS/ECS)
• Experience with CI/CD and SecDevOps
• Scripting background (Python, PowerShell, Bash, etc.)
• Familiarity with application and open-source security
• Understanding of threat actors, with the ability to articulate or demonstrate how they operate and subvert common security controls
• Knowledge of industry security standards and frameworks (CIS, NIST, PCI DSS)
• Ability to develop proof-of-concept exploits in a lab environment to demonstrate exploitability and provide validation of proposed remediation action

You’ll Love Working Here Because You Can

Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. You’ll be surprised by what this rock-solid organization has in store for you.

What we offer you:

Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $96,200.00 to $158,800.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills.

• Market competitive base salaries, with a yearly bonus potential at every level

• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave

• 401(k) plan with company match (up to 4%).

• Company-funded pension plan.

• Wellness Programsincluding up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.

• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.

• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.

• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.

Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. To find out more about our Total Rewards package, visit Work Life Balance | Prudential Careers. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.

Prudential Financial, Inc. of the United States is not affiliated with Prudential plc. which is headquartered in the United Kingdom.

Prudential is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender identity, national origin, genetics, disability, marital status, age, veteran status, domestic partner status, medical condition or any other characteristic protected by law.

If you need an accommodation to complete the application process, please email accommodations.hw@prudential.com

If you are experiencing a technical issue with your application or an assessment, please email careers.technicalsupport@prudential.comto request assistance