Senior Security Engineer - Threat Management

Job Description

Job Description

Senior Security Engineer Threat Management

The Senior Security Engineer Threat Management is responsible for the collection, analysis, and dissemination of cyber threat intelligence.

These capabilities will include timely collection of advanced warning of impeding IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process.

They will define, deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support enterprise environments and our presence in various cloud instances covering threat / vulnerability management.

Secondary roles include Intrusion Prevention systems, EDR tools, and other information security solutions.

Essential Functions of the Job :

• Knowledgeable around securing cloud workloads and cloud instances within AWS, Google, and Azure.
• Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks
• Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume
• Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents
• Identify appropriate platform and application logging and triggers at design that support advanced fraud and cyber detection use cases
• Integrate appropriate systems and logs into the global threat management platform or Security Incident and Event Management system to properly protect their critical assets
• Design, test and develop specific content and alerting to identify threats against their critical assets
• Document incident response procedures for new threat content and alerts
• Maintain an understanding of attacks, vectors and emergent threats
• Provide tier II support for escalated security incidents
• Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary
• Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies
• Produce weekly and monthly operational metrics
• Work with vendors and internal customers to respond to escalations
• Familiar with threat modeling and / or risk-based security testing techniques
• Understand configuration management and can work with other teams to make recommended settings
• Recommends Preventative Security Actions
• Recommends Corrective Security Actions
• Expert understanding of the field's concepts, practices, and procedures related to security testing
• Comprehension of basic banking systems.

Job Requirements : Trained in OWASP security standards, High School Graduate or Equivalent

Bachelor’s Degree Preferred but not required in Computer Engineering / Computer Science or related field.

CISSP Preferred, but not required

Knowledge and Skills Requirements :

• Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations
• Proficient with cloud security and monitoring capabilities in AWS, Azure and Google
• Proficient with web application testing and software security reviews.
• Excellent team skills and integrity in a professional environment
• Familiar with the Open Systems Interconnection (OSI) model
• Understanding of security technologies like; IDS / IPS, firewalls, AV
• Understanding of scripting languages like JavaScript, Perl, etc
• Understanding of vulnerability scanning tools
• Good social, communication and technical writing skills

Powered by JazzHR

TY1MvYY6jO