Job Description
Who we are looking for
The Purple Team Engineer will work as a member of the Offensive Security team within the Global Cyber Security group. The Purple Team Engineer will participate in comprehensive assessments of operational and technical prevention and detection capabilities and will assist in the review, development, testing, and implementation of security initiatives across a large, diverse, and complex financial environment.
What you will be responsible for
1. Work with other purple team members, using offensive and defensive methods, to identify weaknesses and recommend necessary measures to improve security prevention and detection.
2. Use simulation tools to script and execute attack path campaigns.
3. Support the creation of detection rules and alerts to reduce risk.
4. Prepare final security assessment reports containing the results and findings from the assessment.
5. Conduct follow-up and assist with resolution of all findings, as needed.
What we value
1. Perform Infrastructure and Application Penetration Testing.
2. Deep knowledge of attack frameworks, such as MITRE ATT&CK.
3. Execute Vulnerability Scanning.
4. Cloud Security Concepts.
5. IT and Network infrastructure technologies.
6. Familiarity with various penetration test utilities and tool suites.
7. Ability to perform light programming tasks using common languages such as Python and Bash.
8. Demonstrated ability to identify core issues and work with leaders and team members to reach resolution.
9. Strong organizational, task switching, and prioritizing skills.
10. Ability to work independently and solve challenging problems while collaborating with stakeholders.
11. Knowledge and interest in current vulnerability-related trends.
12. Attention to detail.
13. Driving to results.
14. Collaboration and influencing.
15. Working professionally with confidential information.
16. Presentation skills, both oral and written.
17. Ability to work well with others and under pressure.
18. Demonstrated professionalism in approach to communicating ideas and solutions in simple language.
Experience Desired
Education: Bachelor's
1. 3+ years of network and/or application penetration testing, CTI, Threat Hunting, and/or Incident Response.
2. 5+ years of experience in security/systems/network engineering and/or development.
3. 2-3 years of SIEM content creation.
CEH, OSCP, CISSP, or equivalent preferred.