Cryptographic vulnerability analyst job description

With us, you'll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it - we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.

Come build your future, while being the reason millions of people find a brighter financial future with Discover.

Job Description

At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We're all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.

As a Vulnerability Analyst you will be responsible for compliance/vulnerability management framework, program optimization, evaluating vulnerabilities, remediation metrics reporting and assessing threats severity and impact on corporate assets.

Responsibilities

• Works independently to scope vulnerable bodies of technologies, identify weaknesses, severity and impact, and recommend paths to remediation

• Learns advanced Cybersecurity concepts including new and modern threat exploitation techniques of inside and outside bad actors

• Contributes to actionable intelligence in the form of reports, notifications, alerts and briefings

• Achieves team commitments (and influence others to do the same) by using informal leadership & highly developed communication skills

• Mentors novices by providing learning tasks as well as work related tasks, directs the work of advanced beginners, and helps them continue to grow

• Contributes to and leads security discussions at Discover. Has oversight on program impacting decisions. Guides team to achieve key results for assessment assignments

Minimum Qualifications

At a minimum, here's what we need from you:

• Bachelors - Computer Science, Information Security, Business or Analytics

• 4+ years - Information Security, Cybersecurity, Computer Science, Data Analytics or related

• In lieu of a degree 6+ Years - Information Security, Cybersecurity, Computer Science, Data Analytics or related

• Internal applicants only: technical proficiency rating of competent on the Dreyfus cybersecurity scale

Preferred Qualifications

If we had our say, we'd also look for:

help us elevate our Data Loss Prevention (DLP) Program to the next level using your:

• • Understanding of network, endpoint and email DLP tools.
  • Experience analyzing and defining DLP policies which protect our data while still enabling our business.
  • Knowledge of data classification and labeling.
  • Ability to think objectively to identify and drive program enhancements.

External applicants will be required to perform a technical interview.

#L1-IR1 #Remote #BI-Remote

What are you waiting for? Apply today!

The same way we treat our employees is how we treat all applicants - with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.

The Challenge:

Are you looking for an opportunity to use your technical expertise and grow your skills to provide technical solutions in support of our warfighters? We're looking for a close access vulnerability analyst to help test security, provide training, and help to maintain the security critical US Military operating systems and facilities.

As a close access vulnerability analyst on our project, you'll work with other technical experts to help our customer overcome tough challenges and help improve the readiness of military units to perform their roles. Your communication skills will come in handy as you share your experience and work as a vital member of a team to solve daily challenges as we support and improve the US Military.

Empower change with us.

You Have:

* 3+ years of experience with Military Intelligence (MI) or Counterintelligence (CI)

* Knowledge of physical security and operations security (OPSEC) factors as they relate to information assurance and force protection

* Ability to coordinate, facilitate, and develop training materials and products in accordance with government provided guidelines

* TS/SCI clearance

* HS diploma or GED

* DoD Approved 8570 Information Assurance Technician (IAT) Level I Certification

Nice If You Have:

* Experience providing vulnerability assessments of computer systems, network architectures, policies and procedures, applications, or facilities

* Experience with photography

* Experience with creating and maintaining adversary emulation toolsets

* Knowledge of Red Teaming, penetration testing, or exploiting technical and human based security vulnerabilities

* Bachelor's degree

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Build Your Career:

At Booz Allen, we know the power of analytics and intelligence. When you join Booz Allen, we'll help you develop the career you want.

Challenging projects - Whether training analysts on military equipment through VR technology; developing a simulation capability to allow teams to rehearse missions together; or integrating RFID tags into mobile devices to enable data access within a geo parameter, you'll get to solve some of the world's toughest problems.

Meaningful work - Use your skills to empower change. Your work will keep citizens and warfighters safe and well both at home and abroad.

State-of-the-art technology - Broaden your intelligence capabilities with digital forensics, telematics, precision navigation, secure mobile operations, and advanced analytics.

New skills - In-house experts and partnerships with tech leaders, like Nvidia and Splunk, mean you can get practical experience with advanced GPU technologies, cyber security, and data science.

Room to grow - You'll be inspired to grow your career while making your ideas a reality thanks to new opportunities across the U.S. and abroad, encouraging mentors, and collaborative colleagues.

We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Berkley Technology Services (BTS), a member company of W. R. Berkley Corporation, has facilities located in Des Moines, Iowa and Wilmington, Delaware, and global reach into UK/Europe, Latin America, and Asia Pacific region. BTS provides results-driven software applications, system connectivity, and world-class operational support across the enterprise. Offering an entrepreneurial and innovative culture, we encourage team members to think outside the box to deliver high-quality solutions. Additionally, we provide a competitive compensation and benefits package, including a casual dress code and flexible work arrangements. BTS is constantly growing and expanding to meet the changing demands of one of the most successful insurance organizations in the world. Visit us at www.berkley-bts.com to learn more about BTS and the career opportunities we have available!

Berkley Technology Services (BTS) has a job opportunity available for a Team Lead for Vulnerability Management and Penetration Testing to join our team in our Wilmington, DE office location (remote* remote available for the right candidate). We're looking for a versatile and hands-on engineer with cross-vertical technical expertise encompassing penetration testing strategy and execution, vulnerability management, static code analytics, and policy compliance. Here, you'll sit directly at the intersection of technical innovation and business engagement. You'll actively partner with our engineers along with our Security Management and Senior Leadership teams to lead initiatives across our highly distributed, multi-national footprint. You'll engage in both project execution and project leadership, working side by side with our Director of Vulnerability Management to ensure the fluid continuity of compliance programs across the enterprise. And as we continue to standardize our security posture, you'll have opportunities to influence change and see the impact of what you're doing each and every day to secure our global infrastructure.
On our team, you will:

+ Lead initiatives and projects to support and enhance our penetration testing capabilities across an expansive environment that includes web and desktop applications as well as mobile and network devices

+ Manage infrastructure scans and vulnerability assessment initiatives from project initiation to completion, optimizing the use of tools like Tenable, Rapid 7, and Qualys

+ Bring your ideas forward, evaluating how to optimize the tools we're using and exploring technologies that could continue to enhance our security posture and ensure solutions scalability

+ Develop and lead projects to continually analyze source code, pinpointing and remediating potential vulnerabilities upon discovery

+ Manage compliance scanning process across the enterprise to identify and remediate potential risks and vulnerabilities as expeditiously as possible

+ Continuously communicate that status of our security compliance projects and programs to provide updates and obtain buy-in from global engineering, business, security management, and senior leadership teams

+ Minimum of 5+ years of experience in Information Security or a related role encompassing security compliance, penetration testing, vulnerability management, and/or static code analysis

+ Prior experience leading projects and/or as a supervisor or team lead preferred

+ Bachelor's degree in Computer Science, Information Security, Network Engineering, or a related technical discipline required; prior related technical experience may substitute for education

+ Demonstrated familiarity with common compliance frameworks including PCI, DSS/SOX, General Data Privacy Regulation (GDPR), NYS DFS 23 NYCRR Part 500, and/or ISO 27001/27002

+ Proven ability to engage with and secure buy-in from business, technical, and executive stakeholders required

+ Demonstrate proficiency in Linux (Kali), the Metasploit framework, and with common Kali standard tools such as nikto, dirbuster, sqlmap, and/or nmap

+ Travel to our Wilmington, DE office at least once monthly for 5 consecutive days would be required if working remotely.

The Company is an equal employment opportunity employer.

COVID-19 vaccine required unless prohibited by law.


Name: Berkley Technology Services LLC

Name: DE, Wilmington

Street: 101 Bellevue Parkway

Industry:

Insurance

Seniority Level:

Mid-Senior Level

Job Functions:

Information Technology

Employment Type:

Full-Time