Job Description

Under the supervision of the Manager of Information Security Risk Mgmt, the incumbent’s accountabilities include, but are not limited to, the following:

Responsible for conducting operational vulnerability testing of applications before initial deployment and as they are subsequently updated. Identify the program avenues most riddled with flaws and holes that give malicious actors access to important content or systems. Must know how to find and exploit an application vulnerability.

Responsible for identifying indicators that show a malicious incident has occurred and for initiating swift, appropriate, and comprehensive responses. Differentiate incidents that represent less sophisticated attacks from those that must be analyzed in-depth and defeated by rigorous incident response. Monitor security logs from multiple sources, including firewalls, servers, and applications, to detect suspicious events and identify possible security incidents. Another competency for this role is understanding the effective use of cyber threat data to generate signatures and alerts, and the use of other technologies to detect and react to new threats. Properly report incidents to ensure timely and proper dissemination of information.

Devise, analyze, and systematically assess the ability of systems and networks to withstand sophisticated adversaries (i.e., adversaries who have not only advanced technical skills, but also knowledge of the architecture and systems they are targeting). Conduct sophisticated, methodical, comprehensive technical testing of configurations, pathways, and interactions between systems that mimic the techniques employed by advanced adversaries. Use advanced attack strategies to devise superior processes for security monitoring, event analysis, security architecture and engineering to defeat these strategies – whether mounted by external adversaries or insiders – which might otherwise result in data exfiltration or captured command and control of internal systems and processes.

Responsible for determining the organization’s attack surface, its most vulnerable and high value targets, and how its technical vulnerabilities may be exploited. Ensure accurate threat data is provided to inform the development of effective mitigation strategies to address the most advanced, persistent threats. Categorize threats by profile to help the enterprise become proactive in enhancing its security posture.

Responsible for investigating intrusions or other malicious activity including reverse engineering to determine which programs have been executed, files that have been changed by an intruder (on disk and in memory), determine authoritative timelines of actions taken by intruders, find evidence of deleted files, and identify key information in browser histories, account usage, and USB usage. Mastery in this area also includes the ability to find unknown malware hidden in systems, also known as persistent presence.

QUALIFICATIONS: 

Required: College Degree in an Information Security or Technology related field or equivalent experience plus a minimum of 3 years of related experience. The incumbent will possess an extensive knowledge of information security concepts, network, system, and application vulnerability exploitation techniques and security system defense concepts. The incumbent should have a demonstrated ability to work effectively with Information Security tools in a large, complex, multi-platform environment.

Abilities/Skills: 

Demonstrated ability to devise, analyze, and systematically assess the ability of systems and networks to withstand sophisticated adversaries (i.e., adversaries who have not only advanced technical skills, but also knowledge of the architecture and systems they are targeting).

Ability to deploy and manage active measures to contain incidents including rapid and accurate assessment of malware, isolation, characterization, and reverse engineering. It also includes the ability to recognize attacker-introduced local changes, suspect interactions, and targets that have been triggered to evoke malicious behaviors, as well as the ability to develop and rapidly deploy eradication tools.

Must be able to differentiate incidents that represent less sophisticated attacks from those that must be analyzed in-depth and defeated by rigorous incident response.

Ability to conduct sophisticated, methodical, comprehensive technical testing of configurations, pathways, and interactions between systems that mimic the techniques employed by advanced adversaries.

Ability to identify the program avenues most riddled with flaws and holes that give malicious actors access to important content or systems.

Excellent written, presentation and verbal communication skills.

Ability to self-direct and work independently.

Possess good working knowledge and understanding of Unix, Windows, and Mainframe (TSO, CICS) environments and their related security capabilities and functions.

Strong analytical / problem-solving skills.

Preferred: 

In-depth knowledge and proven experience working with information security tools including vulnerability scanning, intrusion detection, security event management, risk management, incident response, data loss prevention, data encryption and forensic solutions.

Good working knowledge of security related regulations such as HIPAA and NIST 800-53.

Strong work experience with scripting languages.

Working knowledge of various programming languages preferred; Java experience a plus.
