Language Fluency: English (Required)

Work Shift:

Please review the following job description:

Essential Duties and Responsibilities

Following is a summary of the essential functions for this job. Other duties may be performed both major and minor which are not mentioned below. Specific activities may change from time to time.

• Support BAS Operations: Assist in setting up executing and monitoring BAS/CSV attack simulations that emulate adversary tactics techniques and procedures (TTPs).

• Assist in Result Analysis: Help review BAS results to identify potential vulnerabilities detection gaps and opportunities for improving security controls.

• Contribute to Documentation: Maintain accurate records of BAS scenarios procedures and outcomes; assist in preparing reports for technical and non-technical stakeholders.

• Tool and System Integration: Work with senior engineers to integrate BAS platforms with enterprise security tools such as SIEM EDR and SOAR.

• Collaboration and Learning: Partner with red blue and purple teams to understand simulation outcomes strengthen alerts/rules and expand knowledge of detection engineering.

• Threat Intelligence Application: Leverage threat intelligence provided by senior staff to help inform test scenarios and understand emerging attack trends.

• Vulnerability Management Support: Participate in identifying and tracking vulnerabilities highlighted through BAS and other testing.

• Project Participation: Contribute to security validation initiatives and play supporting roles in larger more complex projects.

• Continuous Development: Engage in learning activities to expand knowledge of BAS cybersecurity frameworks (e.g. NIST MITRE ATT&CK) and automation/scripting in support of security operations.

Required Qualifications:

The requirements listed below are representative of the knowledge skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelors degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience.

• In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls intrusion detection/prevention systems network operating systems identity management database activity monitoring encryption content filtering and Mainframe security

• Previous experience in planning and managing IT projects

Preferred Qualifications:

• Experience with Breach and Attack (BAS) or Continuous Security Validation (CSV) tools

• Bachelors degree and six years of experience or an equivalent combination of education and work experience

• Banking or financial services experience

• Experience designing and executing Attack Scenarios: Plan and conduct realistic cyberattack simulations that mimic real-world threat actor tactics techniques and procedures (TTPs).

• Analyze Simulation Results: Evaluate the outcomes of BAS identifying weaknesses in security controls vulnerabilities and gaps in detection and response capabilities.

• Provide Actionable Recommendations: Develop and present recommendations to improve security policies procedures and technologies based on simulation findings.

• Integrate BAS with Security Infrastructure: Integrate BAS platforms with existing security tools like SIEM and EDR to enhance detection and response capabilities.

• Document and Communicate: Maintain documentation of BAS methodologies procedures and results and communicate findings to technical and non-technical stakeholders.

• Collaborate with Security Teams: Work with security analysts and engineers to adjust alerts rules and controls based on simulation results.

• Threat Hunting and Intelligence: Utilize threat intelligence to inform attack scenarios and identify emerging threats.

• Vulnerability Management: Identify prioritize and recommend remediation of high-risk vulnerabilities.

• Red Teaming and Blue Teaming: May also participate in red purple and blue team exercises to further evaluate security posture.

• Strong understanding of cybersecurity concepts including attack vectors TTPs and security controls.

• Experience with CI/CD pipeline end to end lifecycle

• Experience with penetration testing vulnerability management and security tools.

• Proficiency in scripting and automation languages (e.g. Python PowerShell).

• Knowledge of common threat intelligence sources and frameworks.

• Excellent analytical problem-solving and communication skills.

• Ability to work independently and as part of a team.

• Familiarity with cybersecurity frameworks and standards (e.g. NIST MITRE ATT&CK and D3FEND).

• Experience with GRC engineering

• Experience with commercial BAS tools: AttackIQ SafeBreach Cymulate etc.

• Experience with detection engineering and SOAR

Other Job Requirements / Working Conditions

Sitting

Constantly (More than 50% of the time)

Visual / Audio / Speaking

Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / Keyboarding

Able to work standard office equipment including PC keyboard and mouse copy/fax machines and printers.

Availability

Able to work all hours scheduled including overtime as directed by manager/supervisor and required by business need.

Travel

Minimal and up to 10%