**Lead Cybersecurity Analyst: Exposure Management** As a key member of the Cybersecurity Threat Exposure Management (CTEM) Team, the Lead Cybersecurity Analyst will play a critical role in identifying, analyzing, and mitigating cyber threats and vulnerabilities within our organization. This position requires a seasoned cybersecurity professional who can execute strategic initiatives to address potential threats and work collaboratively with other departments to ensure the security of our digital assets. **Requirements** + Utilize advanced tools and methodologies to identify, analyze, and prioritize remediation of cyber threats and vulnerabilities across the enterprise. + Preferred tooling: Tenable, Wiz, Dazz, Qualys + Research vulnerabilities to determine impact on the enterprise environment using a risk-based approach in prioritizing vulnerability remediation efforts. + Lead cybersecurity incident response calls, including documenting the containment, eradication, and recovery efforts related to exploited vulnerabilities within the environment. These also include the post incident root cause analysis and lessons learned sessions. + Partner with IT, Cyber Risk and other Business Units to ensure alignment of security protocols/controls supporting appropriate exposure management with organizational policies and regulatory requirements. + Conduct comprehensive risk assessments to evaluate the potential impact of threats and vulnerabilities to the OMF environment using the results to develop mitigation strategies. + Develop and implement strategies to proactively address emerging cyber threats and enhance the organization's security posture. + Prepare detailed reports on threat landscapes, vulnerability assessments, and incident response activities to share with senior leadership to help guide informed programmatic direction. + Maintain a continuous improvement mindset to streamline activities for effectiveness and efficiency. **Qualifications** + Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. + Minimum of 7 years of experience in cybersecurity, with at least 3 years in a lead role. + Relevant certifications such as CISSP, CISM, CEH, or equivalent preferred. + Proficiency in cybersecurity tools and technologies, including SIEM, IDS/IPS, vulnerability scanners, and incident response platforms. + Strong analytical and problem-solving skills, with the ability to think critically and make informed decisions in high-pressure situations. + Excellent verbal and written communication skills, with the ability to convey complex technical information to both technical and non-technical audiences. + Meticulous attention to detail, with a focus on accuracy and thoroughness in all aspects of work. + Excellent project management skills with proven capacity to work independently and manage multiple competing demands. + Strong familiarity with secure coding principles, DevSecOps practices, automation techniques and cloud security. + Experience in a highly regulated industry such as finance, healthcare, or government. + Knowledge of global cybersecurity regulations and standards. OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) and Affirmative Action (AA) employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identify, national origin, age, marital status, protected veteran status, or disability status.