PenFed Credit Union Jobs

Mobile penfed Logo

Job Information

PenFed Credit Union Vulnerability Management Program Manager in Papillion, Nebraska


Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members “do better.” Joining PenFed is more than being an employee; it’s about being a part of the PenFed family.

PenFed is hiring a Vulnerability Management Program Manager at our Tysons, Virginia; San Antonio, Texas; Eugene, Oregon or Papillion, Nebraska locations. The purpose of this role is to oversee multiple processes and functions of the Pentagon Federal Credit Union enterprise vulnerability management program. This position will identify and optimize existing program operations based on health of technology systems, initiatives, integration, and continued monitoring of the state of technical vulnerability assessment and remediation effort. The Manager will work with the team to generate vulnerability reporting to drive actions by all levels of the organization including executive management. Additionally, the person will define the prioritization of remediation activities, optimize the remediation efforts in a risk-based approach within a dynamic environment.


Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.

  • Oversee and support the continuous improvement of the vulnerability management program initiatives, process and technology integration, and technical assessment.

  • Enhance technology and/or process to validate inventory of critical infrastructure and applications are in place.

  • Identify roadmap, and priorities relative to infrastructure and application security assessments. Provide engineering and administrative functions for all tools in support of the Vulnerability Management Program and its mission.

  • Direct and/or perform on-going vulnerability assessments, penetration tests, and application and network security scans.

  • Direct assessment efforts in a prioritized fashion, seeking breadth and depth of coverage where appropriate.

  • Create reports and present to various team represtatives or management with factual documentation of issues identified and clear recommendation for mitigation of found vulnerabilities.

  • Assess, document and validate the vulnerability management practices across business to ensure compliance against company policy and standards are met.

  • Partner with teams who implement technology and achieve methods for aligning to their processes and reduce vulnerabilities.

  • Assess possible risks to proposed changes to the PenFed environment, and if needed recommend alternative solution, or mitigating security controls.

  • Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders.

  • Maintain appropriate management reporting mechanisms to facility communication of the PenFed program across multiple levels and business units within the organization.


Equivalent combination of education and experience is considered.

  • Bachelor’s Degree in information security / technology or related field, or equivalent combination of education & experience in information security in a large, highly-regulated enterprise.

  • Minimum of eight (8) years of work experience focused on risk analysis, identification, and vulnerability assessment and penetration testing.

  • Minimum of five (5) years of experience in the secure design and implementation of information systems.

  • Minimum of three (3) years of experience as an information security manager, lead, or equivalent.

  • Knowledge of security and vulnerability management within global enterprise environments.

Supervisory Responsibility

This position will supervise employees.

Licenses and Certifications

Must have at least two (2) certifications in the field of information security from a respectable security organization. Desirable certifications include, but not limited to:GSEC, GCIH, GCIA, GCFE, GREM, GCFA, CEH, CISSP, CASP or equivalent Certifications

Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.


Limited travel to various worksites is required.

About Us

Established in 1935, PenFed today is one of the country’s strongest and most stable financial institutions with over 2 million members and over $26 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.

We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.

Equal Employment Opportunity

PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.

PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 240-224-4256.