Dofactory.com
Dofactory.com

Security Engineer

Job Type
Fulltime, Contract
Level
Senior level
Skills

Job Description

Grow your career as a Security Engineer with an innovative global bank. Contract role with strong possibility of extension. Will require working a hybrid schedule 3 days onsite per week.

Join one of the world's most renowned global banks and trusted brand with over 200 years of continuously evolving financial services worldwide. Will participate in activities as part of the organization’s Attack Surface Reduction (ASR) program and Breach Attack Simulation (BAS) program. May also participate in Red Team and Penetration Testing exercises. You will work alongside some of the smartest minds in the industry who are excited to share their knowledge and to learn from you.

Contract Duration: 12+ Months

Required Skills Experience
  • Bachelor’s degree/University degree.
  • Experience with reconnaissance, attack surface mapping techniques, strong programming background and offensive security experience.
  • 4+ years of experience or equivalent knowledge and exposure are required with most of the following:
    • An understanding of attack surface management tools, including their capabilities and limitations.
    • Deep understanding of reconnaissance types and techniques.
    • Strong communication and interpersonal skills, including experience with technical and non-technical teams.
    • Excellent analytical and problem-solving skills, with the ability to analyze complex data sets, and provide recommendations for mitigating risk.
    • Familiarity with big data technologies, data analysis and visualization tools: Tableau, Spark, Hive, Hadoop, etc.
    • Experience with program management tools: ServiceNow, JIRA, Confluence, etc.
    • Conducting Vulnerability Assessments and Penetration Testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience.
    • Identifying, researching, validating, and exploiting different, known, and unknown security vulnerabilities on the server and client side.
    • Leveraging the MITRE ATTCK Framework.
    • Red Team testing tools: Cobalt Strike, Red Team Toolkit, etc.
    • Vulnerability Assessment tools: Nessus, Qualys, etc.
    • Exploitation frameworks: Metasploit, CANVAS, Core Impact
    • Social Engineering campaigns: email phishing, phone calls, SET
    • Deep understanding of OSI model and OWASP
    • Security devices: Firewalls, VPN, AAA systems
    • OS Security: Unix/Linux, Windows, OSX
    • Understanding of common protocols: HTTP, LDAP, SMTP, DNS
    • Web application infrastructure: Application Servers, Web Servers, Databases
    • Web development and programming languages: Python, Perl, Ruby, Java, .Net
Desired Skills Experience
  • Master’s degree.
  • Industry-accredited security certifications (e.g. PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA, or CISSP).
What You Will Be Doing
  • Assist with the development and implementation of program management processes and tools related to attack surface reduction.
  • Support the company’s Red, Blue, and Purple Teams during the execution of offensive security assessment operations.
  • Develop and implement Red Team automation tools utilizing various programming languages.
  • Assist in developing and maintaining technical documentation.
  • Monitor program progress and identify potential risks and issues, including the changes in the firm’s attack surface or the emergence of new threats.
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk.
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system.
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk.
  • Scan and analyze applications with automated tools, and perform manual testing if necessary.
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.
  • Identify opportunities to automate and standardize information security controls and for the supported group.
  • Establish meaningful partnerships with relevant stakeholders across the enterprise is a key function of this role to build and maintain a comprehensive model of applicable, feasible threats, and risks to the business.
  • Act as a subject matter expert and provide guidance with stakeholders.
  • Identify and ensure compliance with relevant frameworks and guidelines (e.g., NIST).

You will receive the following benefits:

  • Medical Insurance - Four medical plans to choose from for you and your family
  • Dental Orthodontia Benefits
  • Vision Benefits
  • Health Savings Account (HSA)
  • Health and Dependent Care Flexible Spending Accounts
  • Voluntary Life Insurance, Long-Term Short-Term Disability Insurance
  • Hospital Indemnity Insurance
  • 401(k) including match with pre and post-tax options
  • Paid Sick Time Leave
  • Legal and Identity Protection Plans
  • Pre-tax Commuter Benefit
  • 529 College Saver Plan

Motion Recruitment Partners is an Equal Opportunity Employer, including Veterans/Disability/Women. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Accommodation will be provided in all parts of the hiring process as required under Motion Recruitment Employment Accommodation policy. Applicants need to make their needs known in advance.

 
Ref #
2772609
Posted
19 days ago
  •  
Last updated 17 days ago


Stay Inspired!
Join other developers and designers who have already signed up for our mailing list.
Terms     Privacy     Cookies       Do Not Sell       Licensing      
Made with    in Austin, Texas.  - vsn 44.0.0
© Data & Object Factory, LLC.