SVP, Vulnerability Management & Cloud Security Posture Platform Engineering

of SVP, Vulnerability Management & Cloud Security Posture Platform Engineering New York, NY, United States and 2 more Job Description We’re seeking a team member for the role of SVP, Vulnerability Management & Cloud Security Posture Platform Engineering to join our Cybersecurity Engineering Tools & Platforms team. This role is located in New York, NY; Pittsburgh, PA; or Washington, DC . This is a high-impact, deeply technical individual contributor role focused on both running and engineering enterprise cybersecurity platforms that support vulnerability management, asset discovery, network and infrastructure scanning, cloud security posture management, cloud-native risk visibility, reporting, and remediation enablement. This role fits in the intersection of hands-on platform operations, deployment and execution, troubleshooting, automation engineering, service ownership, and technical leadership . In this role, you’ll make an impact in the following ways: Own engineering and operational accountability for enterprise vulnerability management and cloud security posture management tooling. Run critical cybersecurity platforms day to day, including platform health, configuration, access, integrations, upgrades, onboarding, troubleshooting, vendor support, and production stability. Engineer platform improvements that increase reliability, scalability, coverage, automation, performance, data quality, and operational resilience. Manage platform configuration, tenant administration, access models, scanner and agent lifecycle, cloud connectors, onboarding standards, and service health. Support scanning across servers, endpoints, databases, network devices, appliances, cloud assets, containers, external-facing assets, and other enterprise technologies. Partner with network and infrastructure teams on scanner placement, network zones, routing, firewall rules, segmentation, latency, reachability, authenticated scanning, and scan troubleshooting. Drive asset discovery, inventory reconciliation, coverage reporting, ownership validation, and integration with CMDB and authoritative asset sources. Build and maintain automation, APIs, configuration management, dashboards, reporting workflows, and data pipeline integrations, including integrations that ingest asset, ownership, cloud, and configuration data from enterprise systems and publish vulnerability and posture data to downstream remediation, reporting, and risk platforms. Partner with vulnerability management teams to enable prioritization, remediation tracking, SLA governance, exception workflows, and major vulnerability response. Own platform monitoring, health checks, operational dashboards, incident response, vendor escalations, disaster recovery readiness, and business continuity procedures. Support SSO, RBAC, privileged access, service accounts, API tokens, access recertification, segregation of duties, audit evidence, and regulatory reporting. Troubleshoot complex issues across tools, agents, scanners, APIs, cloud connectors, networks, identity systems, data pipelines, vendor platforms, and downstream reporting consumers. Create dynamic engineering solutions using languages such as Python, Go, Java , or similar. Mentor engineers, improve runbooks and documentation, and raise the technical bar through hands-on platform expertise. To be successful in this role, you bring: Hands‑on experience running and engineering enterprise cybersecurity platforms, especially vulnerability management, scanning, asset discovery, cloud security posture, or cloud‑native application protection platforms in large financial institutions. Strong operational discipline, including production support, incident response, change management, service health monitoring, vendor escalation, and lifecycle management. Strong engineering mindset, including automation, API integration, configuration management, repeatable deployment patterns, data quality improvement, and toil reduction. Strong understanding of vulnerability management operating models, including remediation tracking, SLA governance, exceptions, ownership validation, and major vulnerability response. Strong networking knowledge, including TCP/IP, routing, DNS, firewalls, proxies, load balancers, network segmentation, NAT, packet flows, latency, and reachability troubleshooting. Experience scanning and assessing diverse enterprise technologies, including servers, endpoints, network devices, databases, appliances, cloud assets, containers, and externally exposed systems. Knowledge of scanner architecture, agent health, network zones, scan routes, authenticated scanning, credential management, and scan troubleshooting. Experience with cloud environments, including AWS, Azure, and GCP , cloud connectors, IAM, APIs, and security control frameworks. Experience integrating cybersecurity platforms with CMDB, ticketing systems, reporting platforms, data pipelines, cloud platforms, vulnerability management systems, and enterprise dashboards. Strong understanding of access management, including SSO, MFA, RBAC, privileged access, service accounts, API tokens, and recertification. Programming and automation skills using Python, Go, Java , or similar. Ability to debug complex issues across platforms, agents, scanners, cloud connectors, APIs, data pipelines, identity systems, networks, firewalls, routing paths, and vendor services. Experience supporting audit, regulatory reporting, evidence retention, operational controls, and production change management. A mindset focused on automation, scalability, governance, resilience, and reducing operational friction. Experience with Kubernetes and container vulnerability management , including cluster visibility, container image assessment, runtime context, registry integrations, cloud‑native asset inventory, and remediation workflows. Preferred: Experience with the following tooling preferred: Qualys, Wiz.io, Lumeta , or similar vulnerability management, asset discovery, network visibility, and cloud security posture platforms. Experience operating or engineering cybersecurity platforms in FedRAMP-authorized or FedRAMP‑aligned cloud environments . Familiarity with FedRAMP control expectations, evidence collection, vulnerability scanning requirements, continuous monitoring, access governance, and cloud security operations. Success Profile Becomes a senior technical authority for both operating and engineering vulnerability management and cloud security posture tooling. Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. 10-12 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus. Keeps critical cybersecurity platforms stable, healthy, upgraded, monitored, documented, and supportable. Improves platform reliability, scan health, agent health, connector health, data quality, and operational visibility. Expands coverage across infrastructure, applications, business units, cloud accounts, containers, network devices, appliances, and external-facing assets. Enables reliable reporting, remediation tracking, SLA governance, audit evidence, and regulatory support. Reduces manual effort through automation, repeatable onboarding, self‑service intake, standardized runbooks, and engineered controls. Strengthens access governance, platform controls, service ownership discipline, and production resilience. This role is for someone who wants to run, own, and engineer the platforms that define cyber risk visibility across the enterprise. Day‑to‑day platform execution and long‑term engineering decisions will directly impact security posture, vulnerability response, regulatory confidence, and operational resilience across BNY. About Us At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. America’s Most Innovative Companies, Fortune, 2025 World’s Most Admired Companies, Fortune 2025 “Most Just Companies”, Just Capital and CNBC, 2025 Our Benefits and Rewards: BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay‑for‑performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans. BNY assesses market data to ensure a competitive compensation package for our employees. The expected base salary for this position when employment commences can be found in the Job Info section at the bottom of the posting. Base salary offered may vary depending on multiple individualized factors, including market location, job‑related knowledge, skills, and experience. Base salary is only part of the total rewards package, which may include eligibility for an annual discretionary incentive award. Subject to the terms and conditions of the applicable plans then in effect, eligible employees may enroll in a 401(k) plan as well as participate in Company‑sponsored medical, dental, vision, and basic life insurance plans for the employee and the employee’s eligible dependents. Eligible employees also may receive other benefits (including various paid time off benefits, such as vacation and sick time), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, the employee will be in an “at will” position and the Company reserves the right to modify base salary (as well as any other discretionary payments or compensation programs) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. Job Info Job Identification 77274 Job Category Information Security Posting Date 05/13/2026, 05:57 PM Locations 240 Greenwich Street, New York, NY, 10286, US 300 Colonial Center Parkway, Lake Mary, FL, 32746, US 1250 H Street NW, Washington, DC, 20005, US #J-18808-Ljbffr BNY Mellon