Associate, Cybr Sec ThreatMgmt

• Working with the wider technology teams to improve technology hygiene and reduce the attack surface.

• Design and run exercise campaigns based on industry specific threat intelligence and vulnerabilities.

• Provide continuous learning and training opportunities for the Global Threat Management team as a result of continuous exercise campaigns.

• Act as an integral driver of the cyber operations development programme, benchmarking results against industry standard frameworks including MITRE and NIST.

• Configure and safely utilize attack tools, tactics, and procedures against a simulation lap.

• Develop scripts, tools, or methodologies to enhance purple teaming capabilities.

• Help to execute the Purple Team strategy to further enhance the security posture of the firm.

• Effectively communicate findings and strategy to stakeholders including technical staff, executive leadership.

• Relevant experience in information security and adversary simulation.

• Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector.

• Experience in large scale information technology implementations and operations preferred.

• Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN.

• Proficient in exploitation and post exploitation frameworks such as Cobalt Strike, Metasploit Framework, Empire.

• Proficient in one or more of the following scripting languages (Python, PowerShell, Bash, Ruby)

• Advanced knowledge of Windows Operating System architecture and internals.

• Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems.

Northern Trust