12 May 2022

Full-Time Sr. Cyber Associate

GCJ – Posted by Jeffery Raskin Anywhere

Job Description

Experience level: Mid-senior
Experience required: 5 Years
Education level: Bachelor’s degree
Job function: Information Technology
Industry: Banking

Total position: 1
Relocation assistance: Limited assistance
Visa: Only US citizens and Green Card holders

As a Senior Associate within the Cybersecurity Threat Hunt Management group, you will develop hypotheses and operation schedules, collect and enrich intelligence feeds, perform threat hunts and prepare after-action reports for information systems. Candidates will also document the team’s activity in accordance with company Information Security Policies and Cyber Red Team standard operating procedures.

Threat Hunt Team projects range in complexity and duration. Projects are ongoing, based on NPOV, threat modeling of recent events in the industry throughout the year. The level of effort and number of threat hunters vary depending on the criticality of the system, technology, and schedule. Projects and testing are conducted worldwide; the ability to travel in CONUS and internationally may be required.

Responsibilities:

Develop and oversee compliance with Control Standards, policies and procedures related to the Vulnerability Detection Management program in collaboration with business requirements and best industry practices.
Develop and strengthen relationships with business partners, IT Area Leads, BISOs, ERMs, and other associated teams inside TRM.
Communicate and coordinate with various internal business units including Infrastructure and Application development teams to ensure alignment with remediation efforts
Evaluate and recommend options for remediation and collect evidence to verify vulnerabilities no longer exist or offer compensating controls
Encourage and guide the development of personnel through coaching and specified training to accomplish organizational goals
Identify, select and manage vendor relationships to ensure that service delivery and support meet performance and business objectives
Evaluate and assess current and future needs of the organization continuously, make recommendations and develop business cases to substantiate requested changes
Understand, align, and adhere to the regulatory and compliance requirements as they continually evolve
Ensure timely responses to issues that arise through Audit or GRC and provide execution of timely escalation and/or documentation of issues.
Provide regular reporting on the effectiveness of the Threat Hunt program to the Senior Leadership Team, IT and Risk Management
Rely on experience and judgment to plan and accomplish goals leaning on a wide degree of creativity

Qualifications:

Bachelor's degree or, in lieu of a degree, equivalent education, training and work-related experience
3+ years of experience in IT Security or IT Risk Management
5+ years of combined experience with cybersecurity threat hunting
Experience with enterprise security tools, threat assessment, and vulnerability management tools, such as Rapid7 InsightVM, CrowdStrike, Carbon Black, Splunk, Tenable Nessus, Qualys, AquaSec, etc.
Hands-on technical experience across multiple domains within IT including Linux, Windows, VMware, Networking, and Databases
Working knowledge of cloud computing, SaaS models and Cloud Security Alliance (CSA) principles
Scripting, coding or database administration experience preferred
Understanding of and experience with automation tools such as VMware vRealize Automation (vRA), Puppet, Chef or Ansible
Audit experience to include SOX, SOC 2 Type II, SSAE 18, HITRUST, and/or PCI to include remediation activities
Possess a working knowledge of big data concepts including data mining, creation of dashboards and ad-hoc queries.
Possess an understanding of SCAP, CVE, CVSS, CPE, CCE and OVAL.
Possess detailed understanding of various operating systems and common applications as they relate to vulnerability remediation.
Possess an understanding of virtual server and workstation environments, baseline scanning and compliance reporting, enterprise technology infrastructure, application development & maintenance, software testing, and IT architecture.
Have a broad knowledge of security methodologies, solutions and best practices, and have expert level knowledge of one or more domains.

MUST HAVE:

Bachelor's degree or, in lieu of a degree, equivalent education, training and work-related experience
3+ years of experience in IT Security or IT Risk Management
5+ years of combined experience with cybersecurity threat hunting
Experience with enterprise security tools, threat assessment, and vulnerability management tools, such as Rapid7 InsightVM, CrowdStrike, Carbon Black, Splunk, Tenable Nessus, Qualys, AquaSec, etc.
Hands-on technical experience across multiple domains within IT including Linux, Windows, VMware, Networking, and Databases
Working knowledge of cloud computing, SaaS models and Cloud Security Alliance (CSA) principles

NICE TO HAVE:

Scripting, coding or database administration experience preferred
Possess a working knowledge of big data concepts including data mining, creation of dashboards and ad-hoc queries.
Possess an understanding of SCAP, CVE, CVSS, CPE, CCE and OVAL.
Possess detailed understanding of various operating systems and common applications as they relate to vulnerability remediation.
Possess an understanding of virtual server and workstation environments, baseline scanning and compliance reporting, enterprise technology infrastructure, application development & maintenance, software testing, and IT architect

Job Categories: OTHER. Job Types: Full-Time.
