Job responsibilities
- Assess the potential impact of vulnerabilities on business and technology operations using data-driven risk prioritization.
- Utilize advanced data analytics to conduct comprehensive root cause analysis (RCA) of security issues identified during assessments across various technologies. Transform findings into actionable insights.
- Collaborate with stakeholders throughout the firm to understand, address findings, and achieve the common goal of improving the security posture of the firm.
- Identify, design, and implement technical, procedural, educational, or other solutions to effectively mitigate security issues.
- Propose and drive novel, data-centric approaches to detect, mitigate and prevent the identified issues, leveraging the latest technologies and methodologies.
- Present data analysis, insights, and conclusions to both technical and non-technical audiences, including senior leaders, ensuring clarity and understanding.
- Prioritize remediation efforts using multiple criteria to ensure the most worthwhile issues are addressed first.
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering concepts and 5+ years applied experience.
- An insatiable technical curiosity about all things Cyber and a desire to expand your skillset.
- A strong commitment to ethical practices and doing what is right.
- Proven experience in either offensive or defensive technical Cybersecurity roles, with a focus on solutioning to reduce Cybersecurity risks.
- Demonstrated proficiency in coding (scripting) experience (e.g., Python, C, JavaScript, VBScript).
- Demonstrated ability to be proactive and resourceful, identifying and analyzing appropriate data sources for data-driven investigations.
- Experience in cybersecurity roles and processes such as Incident Response, Threat Intelligence, Penetration Testing, Red Teaming, Risk Management, Cyber Engineering, Cyber Architecture, and Data Privacy.
- Strong written and verbal communication skills; ability to understand complex problems and present them simply.
- Ability to collaborate with high-performing teams, senior leaders, business stakeholders, third-party vendors, and technical individuals throughout the firm to effectively articulate risk and drive change.
Preferred qualifications, capabilities, and skills
- Familiarity with network architecture concepts, including cloud architectures, and deploying large-scale applications in an enterprise environment.
- Experience with enterprise level security technologies like firewalls, IDS/IPS, web proxies, DLP, SIEM, SOAR, and others.
- Experience in developing both tactical and strategic tools and capabilities.
- Experience in building analytical processes, templates, and documentation.