Listing Description
- Typically, 4+ years of experience in a 24x7 global enterprise, preferably in the Financial industry
- Ability to identify vulnerabilities in networks, systems, and applications using common penetration testing frameworks, tools, and techniques or manual processes
- General understanding of web technologies/frameworks (HTML, JavaScript, etc.) and their associated vulnerabilities (OWASP Top 10, XSS, filter bypassing, SQL Injection)
- In-depth understanding of Windows operating systems and general knowledge of Unix and Linux operating systems
- Deep understanding of TCP/IP, OSI model, and component and systems dependencies concepts.
- Utilize MITRE ATT&CK framework, Cyber Threat Intelligence, and Cyber Security Awareness concepts to influence work
- General knowledge of the functions of various security infrastructure, including firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs, etc.
- Basic coding/scripting knowledge, Python or PowerShell preferred
- Offensive Security (OSCP/OSCE), SANS GIAC (GPEN, GWAPT, GXPN, etc.), or similar information security certifications
- Is aware of current cyber security threats and counter measures
- Shows a dedication to quality by implementing suitable solutions
- Leads work reviews and actively participates in providing feedback on others’ work
- Performs as an expert in one or more cyber security programs.Analyze organization's cyber defense policies/configurations and evaluate weaknesses and vulnerabilities. Conduct and/or support authorized penetration testing on enterprise network assets.
Develop and coordinate Red/Blue Team Exercises.
Identify, recommend, and build controls/signatures in response to new or observed cyber threats in support of internal Incident Response/Cyber Threat Intel teams
You will contribute to the development of and improvement in cyber security standard methodologies within your group
Decisions and recommendations distinguish between near term mitigation and required future investments
You will help team members/make suggestions to improve practices.
Can articulate and translate cyber security risks and vulnerabilities into practical solutions for technology teams to facilitate remediation.
Detailed knowledge of the cyber analysis program associated objectives
Understanding of common threats to, and historical attacks against, the Financial Services industry
Listing Details
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: No Travel
- Telework: No Telecommute