This position is a lead technical role within the Cyber Security team. It will contribute to enhancing our current cyber security program and will work closely with other team members and the head of cyber security around implementing and maintaining our technical controls as well as enhancing policies around identification, management and treatment of cyber security risk, as they relate to sensitive applications and data.
A primary focus for this role will be Pipeline Security, Vulnerability Management and appliance code review: securing pipelines and providing best practices and training where necessary.
It will also help drive response automations and transition cloud security native tools and controls under a single umbrella.
Continue transitioning AWS cloud-native security tooling and technologies into a centralized cyber security umbrella for triage, automation and response.
Expand upon and modernize existing vulnerability management program by automation, integration and reporting.
Enhance existing, define new, and implement security controls, procedures and workflows as they relate to pipeline security and vulnerability management.
Understand emerging threats and recommend the remediation steps required to mitigate the current threat landscape.
Define and drive the implementation of technology requirements for the application development community, so that security requirements are proactively integrated into the software development life cycle.
Contribute to the development and improvement of security monitoring and incident response processes and technology solutions as required to support our cyber security program.
Create and deploy threat-based signatures for operational intrusion detection capabilities and response automations.
Provide detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse.
Characterize and analyze network traffic and system data to identify anomalous activity and potential threats to resources.
Ensure that all cyber security technologies are maintained, updated and working at maximum capability and efficiency.
Strategically schedule and deploy cyber security technology adjustments/modifications that must be done outside of normal business hours.
Partner with our teams to integrate security requirements into our product development lifecycle (e.g., developer tooling, automated analysis, threat modeling, offensive security testing, supply chain security).
Participate in developing our internal CI/CD pipeline and code development security training programs targeting various code development teams.
Experience supporting security application development initiatives requiring innovation, automation, and integration.
Programming and scripting skills would ideally include one or more of the following: C#, Python, Ruby, PowerShell or Bash.
Experience in security engineering principles involving application security, security testing, communications / network security, and other areas of cyber security.
Ability to manage the evaluation and implementation of security controls as they relate to emerging technologies.
Understanding / proficiency in applications, containerization, APIs, web services.
Experience in the following technologies: SIEMs, WAFs, IDS/IPS, anti-malware, EDR, secure cloud access, vulnerability scanning platforms, FIM, DLP/DDR, private cloud and open source security frameworks.
Experience with application security: SAST, DAST and IAST.
An intermediate level of Azure and/or AWS cloud experience as it relates to security technologies and controls.
Understanding of MITRE ATT&CK framework TTPs.
Experience with threat intelligence reports and feeds; designs remediation for profile or toolset changes based on those reviews.
Experience securing and responding to all aspects of the technical enterprise.
Understanding of incident detection, response and forensics.
Experience interpreting security and information protection policies into executable requirements and technical solutions.
Advanced experience using SOAR technologies is desired.
Great awareness of cybersecurity trends and hacking techniques.
Collaboration, prioritization, and adaptability skills required.
Ability to work independently and to lead some initiatives/programs.
Driven by metrics to demonstrate the value of your work.
Successful experience interacting and presenting with internal customers and project co-workers.
Some level of knowledge of regulation and standards compliance.
Ability to work under pressure in a fast-paced environment.
Strong attention to detail with an analytical mind and outstanding problem-solving skills.
Off-hours handling of alerts and responses as it pertains to team-oriented incident response responsibilities.