Analyst I, VAPT

About the Role

As a Vulnerability Assessment Analyst at Invesco, you will play a crucial role in identifying and managing vulnerabilities across risk-prioritized infrastructure and applications to protect Invesco data and network.

Responsibilities

• Conducting vulnerability assessments on various technologies and infrastructure using tools like Qualys, covering network infrastructure, servers, platforms, applications, cloud security controls, and critical assets.
• Reviewing and analyzing security vulnerability data to distinguish applicability and false positives.
• Assisting in assessing Invesco perimeter assets for exposures and weaknesses.
• Executing vulnerability triaging, escalation, and management workflows through innovation.
• Supporting internal remediation efforts by designing, implementing, and integrating security controls.
• Participating in vulnerability management projects, tracking deliverables, and providing progress updates.
• Responding to cyber risk incidents with discretion and ensuring proper preservation of evidence.
• Providing guidelines to mitigate security risks based on technological requirements.
• Performing compliance scans on Invesco infrastructure using approved security tools.
• Keeping abreast of industry best practices.

Qualifications

• 1+ years of Information Security experience
• Proficiency in common vulnerability assessment and penetration testing tools
• Exposure to cloud vulnerability management frameworks and tools
• Understanding of network security components and industry best practices
• Ability to develop scripts for automation and patch management

Additional Skills

• Strong interpersonal and communication skills
• Ability to articulate complex issues clearly
• Analytical skills to collect and analyze data
• Self-motivated with the ability to work independently
• Detail-oriented and assertive while maintaining confidentiality

Benefits & Culture

Invesco offers a workplace model that fosters diversity and inclusion, providing flexibility and support for employees. Benefits include competitive compensation, flexible work options, comprehensive leave policies, insurance coverage, employee assistance programs, career development opportunities, and a supportive work environment. Invesco's commitment to diversity, inclusion, and corporate responsibility ensures a collaborative and inclusive workplace where everyone is valued and respected.

Links

• About Invesco: Invesco Corporate Website
• Our Culture: Invesco Culture Overview
• Diversity & Inclusion Policy: Invesco D&I Policy
• Corporate Responsibility Program: Invesco CR Program

Application

If you are ready for a challenging role with a global investment firm that values integrity, diversity, and personal growth, apply for the Vulnerability Assessment Analyst position at Invesco Careers here. As a Vulnerability Assessment Analyst at Invesco, you will play a crucial role in identifying and managing vulnerabilities across risk-prioritized infrastructure and applications to protect Invesco data and network. Your responsibilities will include:

• Conducting vulnerability assessments on various technologies and infrastructure using tools like Qualys, covering network infrastructure, servers, platforms, applications, cloud security controls, and critical assets.
• Reviewing and analyzing security vulnerability data to distinguish applicability and false positives.
• Assisting in assessing Invesco perimeter assets for exposures and weaknesses.
• Executing vulnerability triaging, escalation, and management workflows through innovation.
• Supporting internal remediation efforts by designing, implementing, and integrating security controls.
• Participating in vulnerability management projects, tracking deliverables, and providing progress updates.
• Responding to cyber risk incidents with discretion and ensuring proper preservation of evidence.
• Providing guidelines to mitigate security risks based on technological requirements.
• Performing compliance scans on Invesco infrastructure using approved security tools.
• Keeping abreast of industry best practices.

Qualifications required for this role include:

• 1+ years of Information Security experience
• Proficiency in common vulnerability assessment and penetration testing tools
• Exposure to cloud vulnerability management frameworks and tools
• Understanding of network security components and industry best practices
• Ability to develop scripts for automation and patch management

Other skills essential for this role are:

• Strong interpersonal and commu