Security Engineer, Threat Security Modeling (US Remote) at Experian #vacancy #remote

Company Description

Experian is the world’s leading global information services company. During life’s big moments – from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers – we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.

We have 20,000 people operating across 44 countries and every day we’re investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.

Job Description

As a Security Engineer within the Threat Informed Defense (TID) Team, you’ll play a pivotal role in securing our critical business applications. You’ll be tasked with conducting thorough threat modelling exercises, identifying potential vulnerabilities, and enumerating relevant threat scenarios. Leveraging this information, you’ll design and implement effective detection strategies that bolster our defense mechanisms against evolving cyber threats. Your work will directly contribute to the continuous improvement of our security posture, ensuring the integrity and resilience of our digital assets.

Key Responsibilities:

  • Conduct comprehensive threat modelling of business-critical applications to identify potential security vulnerabilities and risks.
  • Enumerate relevant threat scenarios based on structured threat intelligence, industry trends, and the evolving cyber threat landscape.
  • Design and implement effective detection strategies for identified threats, focusing on minimizing potential impact and enhancing response capabilities.
  • Collaborate with the Cyber Threat Intelligence team to prioritize threat scenarios and align detection efforts with the current threat environment.
  • Work closely with cross-functional teams, including software development, operations, and IT, to integrate security considerations into the broader technology landscape.
  • Continuously monitor and evaluate the effectiveness of implemented detections, adjusting strategies as necessary to address emerging threats and vulnerabilities.
  • Develop and maintain documentation related to threat modeling exercises, detection strategies, and security protocols to ensure knowledge sharing and best practices within the team.
  • Participate in security incident response activities as required, providing expert analysis and recommendations for mitigating and preventing future threats.
  • Stay abreast of the latest cybersecurity trends, tools, and technologies, advocating for the adoption of innovative solutions that enhance our defensive capabilities.

Qualifications

  • Extensive Cybersecurity Experience: At least 8 years of experience in the cybersecurity field, with at least 3 years of experience building Cyber Threat Detections. This experience should encompass a broad understanding of cyber threats, defense mechanisms, and the cybersecurity landscape.
  • Cyber Threat Intelligence and Threat Modeling: Demonstrated expertise in leveraging cyber threat intelligence to inform detection strategies and conduct threat modeling on critical business applications. Proven ability to design and implement effective detection mechanisms within complex IT environments using SPL, KQL and SQL.
  • Technical Cybersecurity Skills: A strong technical background in cybersecurity technologies and methodologies, with a particular focus on threat intelligence, detection, response, and prevention.
  • Analytical and Problem-solving Abilities: Excellent analytical, problem-solving, and decision-making skills, capable of translating complex threat data into actionable defense strategies.
  • Communication and Collaboration: Effective communication and collaboration skills, with experience working across functional teams and engaging with all levels of management to integrate security practices.
  • Knowledge of Cybersecurity Frameworks and Standards: Familiarity with common cybersecurity frameworks, standards, and best practices, including but not limited to NIST.
  • Relevant Cybersecurity Certifications: Possession of relevant cybersecurity certifications (e.g., CISSP, CISM, GIAC) is highly desirable, demonstrating a commitment to professional development and expertise in the field.
  • In-depth Knowledge of MITRE ATT&CK Framework: In-depth knowledge and experience in implementing the MITRE ATT&CK framework within security operations. This includes the ability to use the framework for threat modeling, detection strategy development, and enhancing overall security posture by understanding and mitigating tactics, techniques, and procedures (TTPs) used by adversaries.
  • Well established client-focused communication skills that requires to read, review, investigate, and summarize reports on complex issues, in a manner that can be understood by non-technical readers.
  • Ability to lead content discussion around incident response and around system architecture and design and effectively coordinate communications.

Additional Information

All your information will be kept confidential according to EEO guidelines.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe. See our DEI work in action!

Please contact us at to request the salary range of this position (please include the exact Job Title as it reads above in your email). In addition to a competitive base salary and variable pay opportunity, Experian offers a comprehensive benefits package including health, life and disability insurance, generous paid time off including 12 company paid holidays and parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.

Experian Careers – Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

Security SQL GIAC kql spl Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP)

Leave a Reply