Cybersecurity Operations Threat Modeling Lead

JobID: 210507240

Category: Cybersecurity Operations

JobSchedule: Full time

Posted Date: 2024-04-15T12:54:48+00:00

JobShift:

:

As an experienced professional in our cybersecurity organization, you won't just be watching over our data - you'll be finding innovative new ways to protect it in the future. To do that, you'll help lead a highly motivated team focused on analyzing, designing, developing, and delivering solutions built to stop adversaries and strengthen our operations. You'll use your leadership skills to give guidance, advise on best practices and support our business and technology groups. By taking the lead on incident response, risk reviews, vulnerability assessments and identifying threats, you'll help us deliver cost-effective solutions that put our clients first. You'll deploy best practices, new policies and emerging trends to strengthen our strategic roadmap. By presenting your findings to senior leaders, you'll sharpen your communication and presentation skills. As part of our global team of technologists and innovators, your work will have a critical impact on our company, as well as our clients and our business partners around the world.

The Cybersecurity Operations Threat Modeling (COTM) team lead is responsible for managing a team of whose mission is to produce curated threat data, modeling threats using industry standard threat taxonomy that supports and drives assessment and controls uplift initiatives that ultimately protect the firm's technological assets.

Job responsibilities include

• Managing the daily operations of producing curated and actionable threat content (attack paths) using threat intelligence and incident reports. Ensuring the accuracy and quality of the product.

• Continuous improvement of operational processes and attack paths product, including identifying and developing tools or solutions.

• Working with internal stakeholders to identify detection uplift opportunities by leveraging attack paths data, and improve the threat detection capability of Cyber Operations.

• Partner with Product and Engineering stakeholders to drive development initiatives of strategic platforms for COTM.

• Participate in external research projects such as MITRE Center for Threat Informed Defense (CTID) that aims to uplift the cyber capabilities of the community and member organizations

This role requires a wide variety of strengths and capabilities, including:

• Bachelor's degree or equivalent experience

• Strong understanding of system stack including operating systems, middleware, databases and network

• Knowledgeable in attackers' tactics, techniques and procedures (TTP), attack paths and how systems or network could be compromised

• Familiar with cloud architecture and concepts including PaaS, SaaS and IaaS

• Understand the difference between threats and controls and articulate how controls could mitigate threats

• Candidates with experience performing threat models, risk assessments or who are in a threat intelligence or SOC analyst roles are desirable