Threat Detection/Vulnerability Engineer

  • Custom Staffing
  • New York, NY, USA
  • Jan 12, 2019
Information Technology Telecommunications

Job Description

Job purpose

In this role, you will lead a US IT Security Operations team responsible for Cyber Threat and Vulnerability Management, Security Engineering and Operations, as well as Monitoring and Response. This is a multi-faceted technical hands-on role with a strong focus on innovative security technologies, efficient operational processes, resource development and business engagement.

As part of an FMI (Financial Market Infrastructure) caliber security program, the team must continually adapt and improve program capabilities and maturity in response to evolving security threats and regulatory requirements. The role includes reporting on the performance of the function and specifically demonstrating improvements through developing the team, improving procedures and practices, and optimizing the preventative and detective capabilities of our security technologies.

Essential Function / major duties and responsibilities of the job

Strategic

  • Contribute to the overall security strategy in its annual iterations.
  • Foster relationships with key stakeholders from IT, business groups, IT security vendors and strategic partners
  • Maintain and produce key operating metrics
  • Leverage a risk-based design methodology when evaluating, designing and implementing new security technology and operational processes to mature the security program
  • Research new security-related products and services to ensure that the group is equipped with appropriate industry tools and solutions.
  • Keep informed of new and emerging security threats and assess the effectiveness of current controls to identify opportunities for program improvements

Operational

  • Participate in threat intelligence information sharing forums to collect and assess the threat landscape
  • Manage intake, analysis and appropriate application of threat intelligence within security tools to enhance preventative and detective controls
  • Research, design, operate, maintain and enhance internal security tools, services and procedures
  • Develop and tune detection capabilities to ensure appropriate monitoring and response to threats
  • Monitor, analyze, and triage security alerts
  • Maintain, improve and practice the incident response plan
  • Prepare for, identify (hunt) and remediate cyber threats
  • Execute vulnerability scans, interpret vulnerability and compliance scan results and follow-up on issues with relevant support teams for remediation

Leadership

  • Work as a team member and individual contributor
  • Lead and manage a team of IT Security Specialists
  • Provide appropriate mentoring and training opportunities to build and maintain a talented and successful team

Experience / essential and desired for successful job performance

- provided by Dice Java, J2EE, Spring integration, Spring Security, Spring, Hibernate, SQL, software development, software applications