Required Technical Skill Set
Ability to perform reactive & predictive security analysis and articulate emerging threats to leadership and team.
Situational awareness of cyber activity by reviewing open source reporting for new vulnerabilities, malware, or other threats
Analyze, identify and assess the internal technology risk, internal controls, and assist in control improvement of designated area.
Lead and coordinate multiple security risk assessments independently utilizing ISO 27001 / 27002 or other appropriate information security control structures; develop risk remediation plans, and facilitate risk remediation efforts.
Provide consultation on information security regulations and standards, such as PCI DSS, HIPAA, or NIST
Facilitate the information security risk management program by identifying areas most in need of risk assessment, coordinating risk assessments with other information security risk analysts, and utilizing analysis from information
Experience in Networking, firewall, VPN Systems, Vulnerability Management and System Monitoring
Communicate risk assessment results and risk mitigation strategies to senior leaders.
Develop and maintain information security policies, procedures, standards and guidelines based on industry best practices and compliance requirements.
Provide security domain expertise to peers and influence community to enhance their security posture
Exposure to Splunk administration and Security incident investigations using Splunk including Enterprise Security.
Experience in Security Incident Response Lifecycle
Should have good conceptual understanding of Windows, Linux operating systems & Networking – TCP/IP Protocol Suite
Should understand the functioning of Security Technologies including Anti-virus, Firewalls, Intrusion Prevention, Packet Capture tools, Remote access technologies etc.
Understanding of common network services (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns
Experience in Qualys Vulnerability Management
Exposure to static and dynamic application security testing and report analysis (Fortify, AppScan, Burp Scan)
Experience with the Tufin tool for zoning, segmentation and firewall rules.
Experience with the Tanium tool in support of endpoint security
Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets
Strong analytical and problem solving skills
Strong communication (verbal and written) and interpersonal skills
Responsible for assisting the team with configuration, deployment, and management of the customer's SIEM solution in a 24x7x365 environment.
Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases.
Analyze a variety of network and host-based security appliance logs to determine the correct remediation actions and escalation paths for each incident.
Ability to conduct packet analysis and articulate findings in order to fine-tune alerts
Conduct advanced use case development leveraging all product features (trends + variables + hierarchical architectures, Pattern Discovery)
Responsible for security incident response and documentation of investigation reports
Prioritize events and determine which are relevant for immediate action, which are wait-and-watch, and which are not relevant
Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support cyber security operations
Track the third party risk management process in RSA Archer governance, risk & compliance tool.
Assessing, evaluating and testing of Information Technology General Controls (ITGC), including logical access, physical access, IT operations, and application development for the systems of multiple financial institutions
Extensive usage of applications like SharePoint for Governance audit, Client Fortify and AppScan for Application code audits, Tufin to validate network vulnerabilities, Qualys to identify major vulnerabilities within different platforms, and Guardium to authenticate encryption protocols for classified information.
Perform Security Risk Assessments to determine the level of risks involved with systems, including their operational use by client personnel and provide best practice recommendations to clients based on identified gaps.
Educate business unit managers, IT development team, and the user community about risks and security controls.