• Protect the business, its customers, and information from internal and external threats, whilst embedding technical security best practice, security design & architecture, secure development disciplines and technical security controls more deeply into the technical environments across the Group in order to improve the group's security posture and reduce cyber risk exposure
• Assist inthe  prevention or detection of threats by monitoring and responding to various security tool portals and dashboards
• Develop enhanced controls and countermeasures, and oversee implementation
• Work closely with other internal and external teams i.e., Infrastructure engineers, Sec Ops/ SOC etc, and act as an internal escalation point for SOC tickets.
• Support the development and guidance of junior/gap year staff.
• Provide technical security advice and support in the event of cyber events and incidents.
• Provide appropriate SME input to the business in delivering technical security improvements to processes, controls, and technologies.
• Support the Group CISO and the Head of Cyber Defence and Operations in relation to Cyber change initiatives and programmes
• Deliver adequate reporting, metrics, and analysis in line with wider cyber governance and risk frameworks to help senior management and risk owners make informed business decisions.

Skills: Security Architecture, Threat Monitoring, Incident Response, Control Development, Cross-Team Collaboration, Technical Advising, Staff Support, Cyber Governance

• Assist with the administration of SAAS security platforms and security software.
• Aid with wireless and wired network security, and other on-site security setups.
• Analyze, assess, and track security events, and help develop plans of action.
• Test for security vulnerabilities and gaps using modern security tools and best practices.
• Improve how we monitor for threats and vulnerabilities.
• Research, develop, and implement solutions following Neo’s security roadmap.
• Improve the security of Neo’s cloud-based applications and infrastructure.
• Working with internal teams across the FT to improve the security posture of apps and processes.
• Provide bespoke security training for FT's Editorial division. 
• Helping protect the next big story.
• Protect the business by investigating security incidents.
• Using the data from various security telemetry tools to define future policies for the business.
• Pen testing/Threat modelling to ensure we adopt a secure-by-default position.

Skills: SaaS Administration, Network Security, Security Analysis, Vulnerability Testing, Threat Monitoring, Solution Development, Cloud Security, Security Training

• Design, build and review an overall comprehensive Security Operations Center (SOC)
• Assist in designing and developing new use cases for SIEM and also automating processes where possible
• Regularly review and monitor systems for security issues and investigate security breaches
• Provide in-depth cybersecurity analysis and trending of vulnerabilities, incidents and alerts from a SIEM/EDR/SOAR system
• Review & respond to alerts received in the group cybersecurity mailbox
• Triage alerts and respond to raised cybersecurity incidents
• Track advanced persistent threats (APTs) and other threat actors across the landscape
• Proactively hunting for threats across the landscape (IT and OT)
• Correlate data across information sources and recognize notable patterns
• Keep an eye on current threats in the cybersecurity space and assist in implementing preventative measures within Lilium

Skills: SOC Design, Use Case Development, Security Monitoring, Cyber Analysis, Incident Response, Threat Hunting, Data Correlation, Threat Tracking

• Measure and analyze cyber security posture across the organization and recommend improvements and solutions to current cyber security issues and risks
• Remain up to date on current threats, vulnerabilities, attacks, and countermeasures, maintains CVE remediation program
• Coordinate the implementation of cyber security solutions (new/modifications) to reduce risk while enabling business efficiency and productivity
• Familiarity with Identity and Access Management (IAM), provide provisioning and deprovisioning of accounts, problem resolution and audit support
• Assist in the development, implementation, maintenance and enforcement of policies, processes and procedures associated with cybersecurity and IAM
• Assist in the development and management of endpoint security, including hardening, tools, and procedures
• Write a situational analysis for high-risk threats and suggest appropriate courses of action for remediation
• Monitor and manage web filtering solutions
• Assists in the development and refinement of patch and vulnerability management processes and solutions
• Assist in the development and refinement of incident response procedures and documentation
• Assist in coordinating cybersecurity incident response across the enterprise
• Assist various teams in capturing and refining information protection requirements, integrating those requirements into system designs and ensuring program compliance
• Assist in planning and engagement efforts for organizational security evaluations, systems analysis, pen-testing, and security architecture reviews
• Prepare and/or conduct written and oral reports and presentations

Skills: Cyber Posture, Threat Remediation, Solution Implementation, Identity Management, Policy Development, Endpoint Security, Incident Coordination, Vulnerability Management

• Leads or participates in information security-related projects or in managing strategy
• Lead and manage the Cyber Security Training and Education program
• Make business-critical incident response decisions, and work as part of a team of individuals dedicated to protecting clients
• Performs Incident Handling duties, which can be minor or significant security incidents within the defined Computer Security Incident Response process
• Maintains situational awareness for cyber threats across multiple clients and act
• Conduct forensic investigations for HR, Legal, or incident response related activities
• Manage and monitor cloud-based content filter for efficient school operations
• Assessing alerts and notifications of event activity, and intrusion detection systems by responding accordingly to the threat
• Provide reports and documentation by the supervisor
• Provide management with critical decision-making information by analyzing data, forecasting and developing systems or processes to monitor data and trends
• Cyber Security Analysts participate successfully in the training programs offered to increase the individual's skill and proficiency related to the assignments
• Review current developments, literature and technical sources of information related to job responsibility
• Ensure adherence to good safety procedures
• Perform other duties as delegated by the Infrastructure and Security Manager
• Follow federal and state laws, as well as company policies

Skills: Security Leadership, Training Management, Incident Response, Forensic Investigation, Cloud Monitoring, Threat Assessment, Data Analysis, Compliance Enforcement

• Understand the cybersecurity risks posed by third parties working with the group and in context to the Flutter risk appetite.
• Identify and assist with the management of third-party risk using established risk management processes both at the group and divisional levels.
• Working within the third-party supplier engagement life cycle, the analyst will complete security assessments of new suppliers.
• Perform continuous assessments of existing suppliers based on a risk-based selection process that involves reviewing evidence of the third party's control environment.
• Work with the business relationship owner to ensure that contract termination activities have been completed, including ensuring all Flutter data and assets have been deleted or returned.
• Ensure the list of suppliers for the Flutter group is updated with accurate information including business relationship owners and the risk category.
• Support the procurement process with the provision of relevant security contract clauses.
• In collaboration with the Cyber Security Senior Manager, Technical Operational Compliance assess and track remediation plans for control deficiencies uncovered.
• Work with the business relationship owner to ensure security is a top priority and build safe and healthy relationships with third-party suppliers.
• Perform regular governance activities to ensure third parties are being managed appropriately, e.g. no excessive access entitlements assigned.
• Ensure any systems used to support the assurance program remain operational including the monitoring of performance, ensuring that the systems remain patched and any upgrades are managed.
• Support the group business processes with accurate, relevant risk-based information about a third-party supplier’s security posture.
• Collate data for other risk reporting functions, e.g. Flutter KRI regular reporting, internal or external audit.
• Maintain accurate records of all TPSA activity, which can stand up to scrutiny by internal & external auditors as well as divisional stakeholders.
• Build and maintain relationships with key stakeholders across the group.

Skills: Third-Party Risk, Supplier Assessment, Contract Management, Governance Activities, Compliance Tracking, Stakeholder Relations, Risk Reporting, Security Monitoring

• Monitor security solutions and investigate and respond to alerts
• Act as an escalation point for incidents relating to potential security issues
• Performing initial diagnosis of security alerts and incidents. 
• Coordinate security incidents investigation and response with IT operations and external security vendors. 
• Track progress and ensure that users are informed
• Assist in periodic reviews of security configurations with IT operations and system specialists
• Work with the security team and external security providers to perform tests and uncover security vulnerabilities in systems and infrastructure
• Work with system owners, specialists and vendors to resolve security issues identified within systems and infrastructure
• Assist in compiling and producing reports on the status of security vulnerabilities and incidents
• Responding to security questions and requests from end users
• Advise colleagues on security issues and procedures
• Assessment and approval of security requests from end users
• Performing day-to-day security administration and operational tasks in line with defined processes
• Contributing to identifying any improvements that help maximize the efficiency and effectiveness of security processes and controls
• Participates in projects related to relevant areas of expertise

Skills: Security Monitoring, Incident Escalation, Alert Diagnosis, Incident Coordination, Vulnerability Testing, Security Advising, Security Administration, Process Improvement

• Use and customize appropriate tools for testing computer systems, networks and other devices.
• Develop and perform test scenarios for penetration testing for infrastructure, cloud, mobile and applications.
• Document scenarios performed, findings and proof of findings and provide recommendations/solutions for vulnerabilities/exploits discovered during the test.
• Monitor and track findings to ensure resolution occurs within a reasonable time
• Owns service improvement within the domain, within technology and process, to improve customer experience, efficiency and reduce cost. 
• Gives input and identifies cost-saving opportunities for budgeting and cost management
• Creating threat detection analytics
• Onboard log sources in alignment with the MITRE ATT&CK Framework
• Investigating and monitoring the SIEM platform
• Tuning of alerts and event sources to ensure the highest level of defence
• Ensuring all identified events are investigated thoroughly
• Working with Senior Analysts (Level 3) to improve and simplify processes
• Working with the Threat Hunters to identify and assist in the remediation of advanced security threats

Skills: Penetration Testing, Vulnerability Documentation, Threat Detection, SIEM Monitoring, Alert Tuning, Process Improvement, Cost Management, Threat Hunting

• Analyze information security-related logs, reports and data and identify risks 
• Assist in formulating the Plan of Action and Milestones (POAM) to identify risks 
• Implement and enforce the security policies and processes that are required by NIST and CMMC Security Controls and System Security Plans (SSPs) 
• Assist with application tools including SIEM, IPS, internet gateway, multifactor authentication and DLP tools. 
• Utilize a variety of accredited security software tools to conduct vulnerability assessments, continuous monitoring scans, and those employed to maintain OS configurations. 
• Monitor and ensure the effective implementation and execution of the company’s security measures and policies
• Detect and correct potential vulnerabilities by monitoring network data traffic and searching for threats
• Detect any intrusion (Data Breach), attack or unauthorized activity
• Test the effectiveness of company security systems through penetration tests and evaluate the effectiveness of the measures taken (ethical hacking)
• Analyze incidents and isolate parameters to predict and neutralize any future problems

Skills: Risk Analysis, POAM Development, Policy Enforcement, Security Tools, Vulnerability Assessment, Intrusion Detection, Penetration Testing, Incident Analysis

• Managing, advising and reporting on customer-impacting IT Security Incidents
• Providing ongoing support and assistance in conducting Information Security audits
• Conducting IT security impact assessments of proposed change requests
• Monitoring and recording compliance with operational security standards and procedures
• Conducting security control assessments to identify compliance control gaps, working with process owners to determine corrective action plans, and supporting the integration of a security controls framework
• Applying defined information risk management methodologies and frameworks to identify and implement controls in support of confidentiality, integrity and availability
• Organising and attending client IT Security forums to support the Security Manager in the review of services and discussion around improvement opportunities
• Collaborate with stakeholders to collect and analyse information, facilitate project decisions, and provide guidance on cybersecurity requirements and governance.
• Analyse and track business requests that deviate from Worley’s IT policies and standards.
• Provide cybersecurity gap assessments against Worley’s security requirements.
• Provide cybersecurity risk assessments, assurance reviews and advice across technologies and services.
• Assist in the development and maintenance of IT policies, standards, processes, and procedures for the enterprise environment.
• Assist in the implementation of governance processes for automating and continuously monitoring of cybersecurity controls, exceptions, and risks.

Skills: Incident Management, Security Audits, Impact Assessments, Compliance Monitoring, Control Assessments, Risk Management, Stakeholder Collaboration, Policy Developmen

• Support the development, update, implementation and enforcement of information security governance including policies, baselines and procedures
• Support the cybersecurity risk management capabilities including risk methodologies to mitigate cybersecurity risk across the company.
• Serve as a liaison between business and functional areas and the technology teams to ensure that Information Security policy-related business requirements for protecting data are clearly defined, communicated, and well understood, and considered as part of operational prioritization and planning
• Recommend appropriate security controls according to internal standards and key industry best practices and ensure that such controls operate as intended
• Gap analysis with respect to standards, industry regulations and definition of the security posture
• Conducting risk assessments and analysis
• Developing corrective actions and remediation plans for identified issues, risks, or vulnerabilities
• Analysis of regulatory requirements for data protection and support in the identification of corrective actions to reach compliance
• Support in the development and implementation of information security and cybersecurity awareness programs to raise awareness around information security risks and best practices
• Support the information & cyber security incident management and escalation processes and procedures
• Support in the digital transformation projects with security architecture reviews and the design of appropriate security controls
• Support the definition, development and review of key metrics to measure and report the state of cybersecurity across the company (e.g., key performance indicators, key risk indicators)

Skills: Security Governance, Risk Management, Business Liaison, Control Recommendation, Gap Analysis, Regulatory Compliance, Incident Support, Metrics Reporting

• Co-lead and develop the security monitoring & response capability of global cybersecurity team, in tight collaboration with the system and application owners.
• Track advanced persistent threat (APTs) and other threat actors and identify, classify, verify, investigate, and handle IT security events utilizing Security Monitoring, Security Incident Management, Security Analytics & Forensics, and Threat Intelligence
• Maintain and further optimize the SOC/SIEM/SOAR service, technical capabilities and related processes
• Monitoring & responding to EDR security events and enrich automation
• Operating security solutions including firewalls, email & web security, cloud security & solutions - by actively monitoring, tracking, and remediating incidents for those services
• Leading and supporting technical investigations and escalations for security threats and/or incidents
• Contributing to the Security service arsenal of the company by proposing, evaluating, and implementing modern security strategies.
• Responding to security threats and taking the lead on communicating and implementing responses to them, including reporting any breaches to the appropriate senior teams
• Collaborating and proposing changes in the company’s policies, sharing needs, meeting global compliance guidelines, implementing standardized security tools, and responding to global incidents impacting the organization.
• Acting as an ambassador of security initiatives, communication and training
• Contribute to vulnerability management with various teams, and follow up on the resolution of identified risks

Skills: Security Monitoring, Threat Tracking, SOC Optimization, EDR Response, Security Operations, Incident Leadership, Security Strategy, Vulnerability Management

• Recommend, roll out and stay up to date on security solutions, such as firewalls, WAF, NAC, etc.
• Perform packet trace analyses during incidents (Tcpdump, Wireshark)
• Analyze and implement traditional firewall rules (Cisco CSM/FMC, Checkpoint Firewall) and pull-request firewall rules (Check Point CloudGuard, AWS, Azure)
• Configure, support and document the network access infrastructure, such as equipment authentication, authorization and profiling (NAC)
• Implement content distribution (CDN) and DDoS protection solutions
• Monitor the availability of services, follow up on incidents/problems and analyze causes to determine permanent corrective measures with the goal of continuous improvement
• Analyze and assess the risks and vulnerabilities of various systems
• Ensure that security standards follow and comply with the enterprise architecture
• Analyze change requests related to the infrastructure, assess the impact on existing applications, and suggest and make the necessary changes
• Identify and automate existing processes to reduce implementation time or increase implementation quality
• Provide management with all the information needed to influence orientations and strategies related to the cybersecurity infrastructure
• Prepare and maintain documentation of environments

Skills: Security Solutions, Packet Analysis, Firewall Management, Network Access, DDoS Protection, Risk Assessment, Change Management, Process Automation

• Actively participate in the engagements, conducting the following tasks including participating in meetings with Clients, supporting to development of concepts, solutions, and methods required to fulfil projects objectives
• Support for business development activities, including methodology development, proposal writing, and direct support for presentation to potential clients
• Working with technologies and solutions utilized in cybersecurity and networks (SIEM, Firewalls, IAM, IDS/IPS, Endpoint Protection, Authentication and Authorization control, Cloud etc.)
• Develop professional documents in the form of reports, analyses, and methodologies in the English language,
• Testing the latest OT Cybersecurity tools & solutions in the EY OT/IoT Lab
• Monitoring of IT security alerts and triggering appropriate actions
• Creating, processing and escalating IT security incidents
• Participating in the Security Incident Response Process
• Automating the alert and incident management process
• Cooperating on a daily basis with SIEM administrators on the use case improvements
• Preparation and maintenance of the SIEM service documentation
• Working on the process improvements

Skills: Client Engagement, Business Development, Cybersecurity Technologies, Report Writing, OT Cybersecurity, Incident Management, Automation, Process Improvement

• Install, configure and maintain information security software and hardware tools
• Monitor and tune systems to assure availability and optimum performance
• Monitor systems and security tools for malicious or anomalous activity
• Respond to indications or reports of malicious or anomalous activity
• Prepare reports that document security breaches and the extent of the damage caused by the breaches
• Stay up to date on the latest methods of attack and defense of computer systems
• Research latest information technology (IT) security trends and tools to decide what will most effectively protect Rotech
• Help plan and enforce Rotech’s security policies and procedures
• Develop security standards and best practices for Rotech
• Recommend security enhancements to management or senior IT staff
• Maintain and backup logs generated by security tools
• Schedule installations and upgrades and maintains them in accordance with established policies and procedures
• Assist with troubleshooting networking and systems problems
• Facilitates knowledge transfer to other IS staff
• Works independently with vendors and 3rd parties to schedule maintenance, upgrades and resolve issues

Skills: Security Installation, System Monitoring, Threat Response, Incident Reporting, Security Research, Policy Enforcement, Standards Development, Vendor Coordination

• Experience in security operations, security analytics or security engineering roles.
• Experience in Investigative or Incident Response environments.
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills.
• Excellent knowledge of common operating systems (e.g., Windows, Linux and Unix)
• Excellent knowledge of different threat scenarios, incident response and remediation techniques.
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, Spam, SIEM, UBA, E-mail filtering and spyware solutions (Gateway and SaaS).
• Knowledge of forensic, malware investigation, reverse engineering and scripting techniques
• Solid knowledge of information security, security awareness, zero-trust, web and mobile application security and application of standards and frameworks related to secure software development (e.g. OWASP, SANS)
• Knowledge of automated code testing tools and frameworks (SonarQube, Fortify) and of Automated Vulnerability Assessment Scanners
• Ability to rapidly comprehend the functions and capabilities of new technologies. 
• Solid knowledge of relevant technologies, methodologies and tools and security implications
• Ability to estimate the financial impact of security alternatives.
• Experience working with Agile teams and previous experience in building and establishing Cyber Security champions network

Qualifications: BS in Computer Science with 4 years of Experience

• Understanding of secure systems architectures
• Knowledge of Identity and access management principles
• Passionate about information security with a strong commitment to continuously improving user experience outcomes
• Experienced in incident handling for internal and advanced threats
• Experienced in NISD/NIPS, NSM, EDR, web proxy, vulnerability scanning, security monitoring, threat intelligence, and security analytics tools
• Infrastructure Security Hardening (Systems & Infrastructure) based on Industry Best Practices
• Strong understanding of operating systems Windows, Linux, etc. and communication protocols running on various layers of the OSI stack
• Knowledge of network fundamentals, e.g., Local Area Networks, TCP/IP, IPSEC, and high-level communication protocols 
• Solid understanding of security standards such as ISO27001, NIST, PCI-DSS, AusGov PSPF, ASD Top 8, and ISM
• People skills and the ability to communicate effectively with various clients, with the ability to explain and elaborate on technical details
• Have used network security analysis tools such as Snort, TCPDUMP, Wireshark, and other Host or network-based Intrusion Detection Systems
• Experience with system vulnerability assessment
• Familiar with computer forensic tools FTK, EnCase or other network forensic applications
• Knowledge of Linux/UNIX and Windows OS security
• Knowledge of computer programming languages and scripting languages and Previous scripting and coding 
• An understanding of DOD and Army information assurance policy and regulations

Qualifications: BA in Information Technology with 5 years of Experience

• Experience developing security tools and open-source projects
• Attention to detail and great problem-solving skills
• Outstanding knowledge of the technical foundations behind networking, operating systems and applications including TCP/IP, Linux, Windows, Web technologies, other networking protocols
• Good understanding of Information Security processes and theory
• Vulnerability research and exploitation skills
• Good communication skills and customer-facing experience
• Experience in Vulnerability management, Risk management, Traffic and packet analysis
• Experience in configuring and maintaining SIEM tools
• Experience in the creation of log correlation and incident detection rules
• Experience managing security consoles and log correlation solutions
• Experience with Online Gaming security
• Experience in forensic analysis
• Experience in security assessments
• Experience securing Microsoft protocols

Qualifications: BS in Cyber Security with 6 years of Experience

• Experience in analyzing a wide variety of network/host security logs to detect and resolve security issues
• Experience with Cloud Computing and technology
• Understanding of Diamond Model, Cyber Kill Chain, and MITRE ATT&CK
• Understanding of system events and host level analysis of Windows, MacOS, and Linux operating systems.
• Experience with Python, Jupyter Notebooks, PowerShell, or R with RESTful APIs
• Experience working within a diverse organization to gain support for  ideas
• Ability to effectively multitask and prioritize in a fast-paced environment
• Experience with supporting operations and maintenance for secure information management systems
• Experience with Linux operating systems and command-line interfaces
• Experience with the Windows operating system and Active Directory
• Experience with Amazon Web Services (AWS)
• Experience with Atlassian tool suite, including JIRA and Confluence
• Experience with Agile development techniques and ceremonies

Qualifications: BS in Information Systems with 4 years of Experience

• Experience with DoD 8570 IAT Level II Compliant
• Experience supporting Air Force ISR operations
• Knowledge of RMF process, eMass, and XACTA workflow tools
• Experience using relevant AF systems and databases
• Knowledge of military policies and procedures relating to information technology
• Experience working with cloud computing and infrastructure (AWS, Azure, etc)
• Experience with Active TS/SCI government security clearance 
• Experience with AWS Security Engineering Course
• Experience with ISC2 Certified Information Systems Security Professional Course
• Experience with ISC2 Certified Cloud Security Professional Course
• Experience working with Jira and Confluence
• Experience with Air Force ISR units

Qualifications: BA in Network Security with 5 years of Experience

• Experience with facilitating at least two packages from kickoff to approval
• Knowledge of individual AP families, difference between an AP and CCI, be able to comprehend existing DIACAP documentation and retrofit to address newer requirements IAW NIST requirements
• Experience with performing internal auditing on existing documentation IAW DoD, NIST, and best business practices
• Proficiency with writing policies and SOPs and be able to demonstrate this ability.
• Excellent writing, grammar, proofreading, editing, and oral communication skills
• Able to demonstrate the delivery of the final set of deliverables within a specified timeframe
• Able to manage time and priorities effectively and efficiently
• Ability to interview and apply complex and abstract knowledge gathered from SME's, System Administrators, and System Owners into clear and coherent writing
• Ability to take an active role in usability and testing of documents to validate the system package, policy, SOP, etc.] proper sequence for effective and efficient operation
• Understanding of current computing /networking technologies.
• Experience with Microsoft Operating System, Networking operations, embedded operating systems, and other related computing components and how they interconnect to support a larger system.
• Ability to create an Accreditation Boundary using Visio or another similar drawing package.
• Ability to validate the hardware and software components within an accreditation boundary
• Ability to provide a sample of work with creating Policies/Procedures or some type of Core documents from template format
• Knowledge of Microsoft Excel, PowerPoint, Word, Outlook

Qualifications: BS in Computer Engineering with 7 years of Experience

• Ability to handle multiple assignments and deadlines and adapt to changing priorities.
• Strong technical skills across cybersecurity technologies including scripting skills and an understanding of network traffic flows, and vulnerability management. 
• Excellent written and verbal communication skills.
• Computer literacy with proficiency in Windows Server, Windows 7/8/10, Microsoft Office Suite, especially Word, Excel and PowerPoint. 
• Experience with Intrusion detection/prevention systems, web application/database firewall systems 
• Understanding Critical Infrastructure Protection (CIP) regulatory requirements
• Ability to effectively interact with customers, support staff, outside vendors and various levels of management. 
• Expert knowledge of Incident Response Procedures
• Extensive knowledge of Packet Analysis
• Extensive knowledge of IDS/IPS solutions
• Extensive familiarity with various Host-Based Tools
• Experience with Log Aggregation Tools

Qualifications: BA in Digital Forensics with 4 years of Experience

• Extensive experience managing daily security operations
• Demonstrated knowledge of adversary tactics, techniques, and procedures (TTPs), the cyber kill chain, MITRE ATT&CK Framework, and NIST 800-61 rev2 incident management best practices
• Experience with Linux, Windows, iOS, Android,and MacOS
• Experience in conducting in-depth investigations, using open source forensic tools and methods to identify, detect and contain security events
• Proficient in the preparation of incident reports and documentation
• Ability to pay close attention to technical details
• Experience in analyzing a wide variety of network/host security logs to detect and resolve security issues
• Ability to carry out threat hunting to detect advanced threats
• Ability to utilize threat intelligence and apply to the environment to understand risk and the evolving threat landscape
• Ability to perform threat management and identify threat vectors and develop use cases for security monitoring
• Ability to review and manage SIEM configurations
• Experience conducting risk and security assessments against NIST and other standards/frameworks
• Experience utilizing penetration testing tools to analyze and identify areas for improvement

Qualifications: BS in Software Engineering with 5 years of Experience

• Experience with NGAV and cloud-based security and systems management tools such as Intune
• Ability to create, troubleshoot,and run PowerShell/Python scripts
• Knowledge of and experience with Microsoft Azure Platform, AzureAD, Office 365 administration, CASB technologies and client applications
• Excellent communication, analytical,and problem-solving skills
• The capability to work on multiple tasks with shifting and sometimes conflicting priorities
• Able to work effectively with other analysts/engineers and other departments to develop effective and efficient solutions
• Experience designing and implementing information security/technology processes
• Experience collaborating with remote colleagues
• Experience working with vendors or managing vendor relationships
• Experience collaborating with Application, Infrastructure, Network, HelpDesk and Security teams
• Ability to deal with ambiguity and flexibility to work collaboratively with others in a dynamic environment
• Experience in Information Technology/Cyber/Information Security related role
• Proficiency with Microsoft Azure infrastructure

Qualifications: BA in Management Information Systems with 4 years of Experience

• Good understanding of application security, particularly as it relates to web-based applications.
• Experience implementing cybersecurity automation
• Experience with scripting language (i.e. Python)
• Experience analyzing vulnerabilities, particularly those defined in OWASP's Top 10.
• Experience performing incident response functions.
• Knowledge and working understanding of firewalls and related technologies.
• An understanding of intrusion detection systems.
• Knowledge and understanding of security engineering principles.
• Knowledge of Windows and/or Linux Administration
• Knowledge of Tenable SecurityCenter, IBM AppScan, Carbon Black, Splunk, the Burp Suite, Palo Alto and/or Imperva application firewalls.
• Experience deploying and maintaining firewalls in general and/or application firewalls in particular.
• Experience with intrusion detection systems.
• Ability to perform application-based security testing using manual testing tools (e.g., the Burp Suite).
• Experience integrating security engineering principles into the enterprise.

Qualifications: BS in Data Science with 5 years of Experience

• Experience with packet analysis tools
• OS knowledge for various versions of UNIX, LINUX, and Windows.
• Knowledge of web application security and in vulnerability management
• SIEM experience (working knowledge of use cases, reporting and trending, rules creation) such as FortiSIEM, Arcsight, QRadar.
• Writing signatures or investigating events.
• Perform advanced hunt activity for the enterprise network.
• Strong understanding of network protocols TCP/IP, 802.11, layer 2 and 3 switching, DHCP, DNS, network security, cloud computing and troubleshooting skills.
• Well-versed in multiple cybersecurity domains and technologies such as firewalls, anti-malware, intrusion detection and/or prevention systems, and other network and systems security platforms
• Deep insights into threat intelligence tools and techniques
• Advanced knowledge of cyber-attack techniques and mitigation strategies
• Ability to effectively communicate complex topics to engineers and leadership
• Ability to properly handle confidential data and strictly follow business processes and procedures
• Ability to operate in fast-paced and high-stress situations
• Ability to conduct in-depth forensics analysis on a variety of operating systems and IT platforms

Qualifications: BS in Information Security with 6 years of Experience

• Experience working in a SOC, IT Security, or Information Technology.
• Experience or knowledge of how to conduct intelligence analysis.
• Familiarity with network security applications, protocols, and associated hardware.
• Understanding of systems engineering methodologies and deliverables.
• Excellent written and verbal communication skills, with an emphasis on relationship building.
• Experience communicating third-party risks across stakeholder groups including management and executive leaders
• Strong understanding of information security risks and controls, CISA, CTPRP, and/or CISSP certifications
• Experience executing third-party security assessments including identifying control gaps and providing recommendations for remediation.
• Understanding of cloud solutions/architecture (SaaS, PaaS and IaaS) and associated security controls
• Ability to assist with the implementation of third-party security processes (includes reporting, finding management, policy/ standard review, risk identification, risk assessments, and risk monitoring).
• Experience reviewing independent assessments including Service Organization Control reports, Penetration and application security tests related to third-party vendors and products.

Qualifications: BA in Computer Science with 5 years of Experience

• Hands-on application development or system programming, using C++, C#, Java, Python or JavaScript, etc.
• Experience in information security
• Experience with cloud technology platforms GCP, Azure, and OCI
• DevOps knowledge and experience with cloud deployment, build and test automation technologies like Terraform, ansible, chef, puppet, docker, Jenkins, etc.
• Experience with scripting languages like shell, Python, Powershell, etc to automate tasks.
• Knowledge and experience of application development, modern development tools, frameworks, operating systems, and network.
• Experience with Agile, SAFe, CI/CD, DevSecOps.
• Hands-on familiarity & experience with Linux (e.g. Redhat/CentOS) & Windows Server
• Experience with vulnerability management and risk assessment.
• Ability to learn and retain new skills as required, meeting a changing technical environment.
• Experience in monitoring, investigating, and solving IT security-related concerns
• Strong interpersonal skills including strong written and oral communication skills
• Experience with building & managing user awareness training programs
• Ability to multitask and balance priorities

Qualifications: BS in Network Engineering with 6 years of Experience

• Understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings
• Knowledge of DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
• Knowledge of  DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification 
• Demonstrated commitment to training, self-study and maintaining proficiency in the technical cybersecurity domain and an ability to think and work independently
• Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic).
• Experience and proficiency with Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.
• Experience with malware analysis concepts and methods.
• Unix/Linux command line experience.
• Scripting and programming experience.
• Strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
• Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.

Qualifications: BA in Cybersecurity Management with 5 years of Experience

• Full IAM product suite implementation experience (SailPoint, Okta, Powershell, Active Directory, AzureAD)
• Strong knowledge of a typical SDLC and DevOps methodology
• Excellent troubleshooting, analytical and problem-solving skills
• Demonstrated experience producing effective test plans and executing test cases.
• Solid understanding of build tools and software configuration management standards
• Experience with the development of QA automation tools such as Selenium.
• Experience with development collaboration systems, such as JIRA.
• Excellent analytical and problem-solving skills
• Excellent verbal and written communication skills
• Ability to operate within a high-performing, motivated team and adapt direction to accommodate changes in priorities
• Knowledge of and experience with current and emerging access management technologies including IAM tools (SailPoint) and File Share Access Auditing (Varonis)
• Strong knowledge of Access Management business processes/workflows and associated tools (ServiceNow)
• General knowledge of best practices standards that govern Information Security such as ISO, NIST, and SANS.
• Strong Written and oral communication skills, including the ability to interact directly with customers who do not have an IT background.
• Ability to work within a large enterprise that spans multiple continents is governed by change management and has a tiered support model.

Qualifications: BS in Systems Analysis with 6 years of Experience