Job Description:

Responsibilities:

Accountabilities may include, but not be limited to:

* Network and application vulnerability scanning

* Penetration testing

* Security event monitoring

* Threat detection, threat modeling, threat hunting, and working with actionable intelligence to enact countermeasures.

* Responsible for design and implementation of security strategy, architecture and platforms.



Qualifications:

* 6 or more years of work experience in IT Security 

* Bachelor's degree in an IT, Computer Science, Cyber Security, Engineering, or related field or equivalent work experience 

* Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats

* Strong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances

* Demonstrated knowledge of information threat analysis and detection concepts and principles and impact, inclusive of statistical analysis, correlation, historical trending, and interpretation. 

* Ability to prepare threat models (MS Threat Model Tool, STRIDE/DREAD Risk Models, etc.) focused on application and system designs and architectures.

* Experience working and managing vendor performance and service level agreements

* Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts. 

* Strong technical knowledge of current systems, software, protocols and standards. (including TCP/IP and network administration/protocols).

* Demonstrated experience with and fundamental understanding of objected-oriented design concepts and patterns, one or more modern software programming and/or scripting languages related to web and/or mobile development.

* Proven ability to understand, interpret, and explain risk identification and remediation methodologies including risk score rankings (CVSS and CVE) and applicability to risk prioritization. Includes providing remediation action guidance to key stakeholders. Demonstrated experience with gathering, correlating, and actioning threat intelligence obtained from internal and external (public) intelligence sources.

* Experience developing, documenting and maintaining security procedures. 

* In-depth knowledge of operating systems and security applications

* Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously. 

* Ability to communicate highly complex technical information clearly and articulately for all levels and audiences. 

* Ability to manage tasks independently and take ownership of responsibilities 

* Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel. 

* Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyber attacks

* High critical thinking skills required to evaluate complex, multi-sourced security intelligence information, analyze and confirm root cause, an independently, or at times with the assistance of a Senior IT Threat Analysts or third-party vendor, identify mitigation alternatives and solutions that safeguard our technical environment.