Full-time, permanent opportunity with a large, well-respected financial institution headquartered in South Bend, Indiana. US citizenship or Green Card required.
Responsible for the threat and vulnerability management process for the client, ensuring that the client establishes appropriate counter-measures and remediation efforts for emerging threats and vulnerabilities and appropriate responses to information security related incidents.
- Develops and documents the threat and vulnerability management process, identifying participating organizations and the roles and responsibilities in that process.
- Oversees and participates in the execution of the threat and vulnerability management process with full accountability for the effectiveness and efficiency of the process and its ability to reduce risk to the confidentiality, integrity and availability of the bank’s information technology and information assets.
- Manages, develops and directs information security analysts who support threat and vulnerability management.
- Develops extensive familiarity and expertise with the Bank’s scanning and threat intelligence capabilities and develops targeted, accurate and insightful reporting and prioritization of the various threats and vulnerabilities to the bank’s information technology and information assets.
- Communicates and disseminates threat intelligence and vulnerability information, reports and priorities to appropriate personnel and follows up to ensure effective and timely countermeasures and remediation plans are established to bring residual risk to an acceptable level.
- Establishes effective and efficient methodologies for the reporting and prioritization of threats and vulnerabilities and the capturing and status of associated remediation efforts.
- Develops extensive familiarity and expertise with the firm's Security Information Event Management (SIEM) system and alarm and reporting capabilities from the firm's firewalls, intrusion detection/prevention systems, patch management, malware and virus scanning systems, endpoint protection and other security systems to facilitate monitoring, analysis and event correlation for early detection of unusual or unauthorized activities.
- Investigates suspect events and activity identified by the SIEM and other security systems, drawing on appropriate expertise from across the Information Technology organization, vendors, and support services. Monitors access and use of corporate technical services utilizing software tools. Creates formal security incidents as appropriate, developing and recommending remediation solutions that expose and/or prevent the perpetrator or source activities.
- Serves as second level support to IT-Support (first level support), system and database administrators and software and network engineers, providing security analysis, investigations and solutions to security events and incidents and design and configuration standards for application security settings.
- Develops monthly performance metrics for threat and vulnerability management, patch management and incident response for information security from relevant security systems and processes.
- Five (5)+ years of experience working on a computer security team in an IT environment.
- Five (5)+ years of experience supervising staff.
- Experience administering and supporting Windows and one of the following: Apple or Linux based operating systems, workstation, server and virtual environments (e.g., Microsoft Windows Server 2003 to 2012R2, Hyper-V and WIN7, OS X).
- Experience with enterprise information security data management.
- Experience with trouble ticketing and change management tools.
- Knowledge of malware, vulnerabilities, exploits, network forensics, packet analysis.
- Understanding of SIEM systems and event log correlation analysis and reporting.
- Understanding of network traffic analysis.
- Passion for all things information technology and information security.
- Natural curiosity and ability to learn new skills quickly.
- Willingness to work outside of standard business hours.
- Excellent collaboration skills.
- Strong analytical, documentation, and communication skills.
- 3+ years of experience in the banking or financial services industries.
- Other Microsoft, Linux, Cisco, or security certifications.
- Experience with testing tools (e.g., Nmap, Nessus, WebInspect, AppDetective, Metasploit).
- Bachelor of Science required in Information Technology, Computer Science or related field.
- CISSP and/or CISM, CISA, CCIE certifications preferred.
- Other Microsoft, Linux, Cisco, or security certifications preferred.