Lead Threat And Vulnerability Management Analyst

Carolina Power & Light Co Richmond , VA 23234

Posted 2 months ago

Thomson Reuters is seeking a Lead Threat and Vulnerability Management Analyst, to assist in the strategic development and implementation of a rapidly maturing program within the Thomson Reuters Cyber Defense Team. This individual will be recognized as a subject matter expert in the area of information security, have deep experience in secure system design and engineering, and demonstrate exceptional business consulting skills. Our target candidate will demonstrate an ability to influence the strategy for how the team will partner with business technology teams to identify cyber security risks and threats, design solutions to protect critical systems, and continuously improve the overall hygiene of TR's estate.

Responsibilities:

  • Provide strategic technical guidance to senior management, business technology teams and functional organizations across the company;

  • Provide expertise and guidance in managing and configuring the enabling technology platforms for the team (e.g., Qualys and Veracode);

  • Manage third party vendor relationships to accurately depict Thomson Reuters security posture in the public domain;

  • Lead the team in analyzing vulnerability scan results, identifying vulnerability patterns, and partners with business technology teams to define and execute streamlined processes to remediate vulnerable systems across the estate;

  • Support the team in analyzing application security testing reports and working with the various business units to drive remediation efforts;

  • Inspire change across the enterprise to drive a more responsible and accountable culture for improving the security posture;

  • Deliver against the transformation strategy that defines the people, process, and technology capabilities needed to improve TR's identify and protect functions within the broader NIST Framework(s);

  • Help drive strategic direction of the program while providing technical remediation guidance to the various technology groups, across various business units;

  • Drive the technology roadmap, defining current and future security platform lifecycles (candidate, POC, deployed, pending decommission) to continuously improve TR's security controls posture;

  • Prepare strategic updates and vision documents, briefings, and reports, and demonstrates excellent communication skills and executive presence in presentations to TR executives, customers, and partners

Behaviors and Ways of Working:

  • Experience acting as change agent, driving continuous improvement and excellence

  • Experience leading critical operational functions within large, complex commercial environments

  • Comfortable operating in a dynamic, fast-changing, and innovative environment

  • A working style that is collaborative, energetic, and results-oriented

  • Demonstrates the ability to employ judgment and experience to make rapid, complex decisions

  • Ability to influence others, earn followership, and drive consensus across different stakeholder groups

  • Exceptional critical thinking skills that extend beyond the typical information security subject matter

  • The ability to flex styles to work well with a range of personalities from extremely technical team members to non-technical business leaders

Education and Experience:

  • Bachelor of Science in Information Security or related degree required; Industry Certs or Masters Preferred

  • A minimum of 5 years of experience working across technology teams in a global organization;

  • Prior experience leading large-scale projects or initiatives in a global organization

Occasional travel may be required, up to 25% of the time.

Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future? At Thomson Reuters, we've been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world's most global news services - Reuters. We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.

We are powered by the talents of 25,000 employees across more than 75 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion. At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward.

Accessibility

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.

More information about Thomson Reuters can be found on thomsonreuters.com.

Locations

Minneapolis-Minnesota-United States of America;Richmond-Virginia-United States of America

Req #: JREQ137042

Locations: Minneapolis-Minnesota-United States of America|Richmond-Virginia-United States of America

Job Function: Technology Development

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
NAO BDS Cyber Security SOC Analyst

Atos

Posted 1 week ago

VIEW JOBS 9/12/2020 12:00:00 AM 2020-12-11T00:00 About Atos Atos is a global leader in digital transformation with 110,000 employees in 73 countries and annual revenue of € 12 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions. The Group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos|Syntel, and Unify. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index. The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space. Job Title: SOC Analyst 1 Location: Richmond VA, or Dallas Texas Overview The Security Operations Center Analyst position is responsible for actively monitoring security threats and risks involving clients' environments. This is achieved through the analysis of logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, Antivirus, etc.). The analyst will assess each alert for impact, provide notification to the customer, and as applicable provide support to customer or Atos incident response teams. The ideal candidate will be a self-starter, customer focused team player and be able to coordinate and collaborate on multiple issues simultaneously with many stakeholders. The candidate must be able to develop and execute standard operating procedures, playbooks, and job aids required for successful execution. This position works within a 24x7x365 team to deliver monitoring services across multiple customers following defined processes. Responsibilities: * Provide security monitoring and incident response of cyber security events in a highly available Security Operation Center (SOC) that supports and external customers * Respond to cyber security tickets and provide analysis and trending of security log data from security devices and various security tool portals * Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents * Provide recommendations for the tuning of systems and security tools (SIEM,IDS/IPS, EDR, EPP, vulnerability scanner) * Prepare reports of analysis and results to provide briefings to management and clients * Provide Incident Response support when analysis confirms actionable incident * Investigate, document, and report on information security issues and emerging trends Required Qualifications: * Experience working within a Security Operations Center performing network event analysis and/or threat analysis * Possess one or more networking or security certification - Security+, CySA+, CCNA, Network+, GSEC, GCIH, GCFA, GCED, CEH * Minimum of 2 years direct experience performing incident/threat analysis or other tactical cybersecurity experience and 3 years minimum working in the information technology field * Knowledge of various security methodologies and technical security solutions * Experience analyzing data from cyber security monitoring tools * Basic experience in reverse engineering malware behavior and how it spreads * Ability to analyze endpoint, network, and application logs * Experience tuning and/or configuring SIEM and vulnerability tools * Knowledge of common Internet protocols and applications * Experience with virtual and cloud infrastructure a plus * Excellent written communication skills Preferred Qualifications * Bachelor's degree in Computer Science, Computer Engineering, Information Technology or related technical discipline with 2 years of experience are preferred. * Operational experience with security infrastructure products such as Crowdstrike, McAfee ePolicy Orchestrator, McAfee NSM, Tenable Security Center, LogRhythm or Splunk and SOAR technologies * Experience working for a Managed Security Services (MSS) provider in a Security Operations Center * Change oriented - actively generates process improvements; supports and drives changes, and confronts difficult circumstances in creative ways * Customer focus - evaluates decisions through the eyes of the customer; builds strong customer relationship Here at Atos, we want all of our employees to feel valued, appreciated, and free to be who they are at work. Our employee lifecycle processes are designed to prevent discrimination against our people regardless of gender identity or expression, sexual orientation, religion, ethnicity, age, neurodiversity, disability status, citizenship, or any other aspect which makes them unique. Across the globe, we have created a variety of programs to embed our Atos culture of inclusivity, and work hard to ensure that all of our employees have an equal opportunity to contribute and feel that they are exactly where they belong. Atos Richmond VA

Lead Threat And Vulnerability Management Analyst

Carolina Power & Light Co