Key skills
AssemblyCyber SecurityFirewallsPythonPowerShellIdentity ManagementCI/CDPenetration Testing
About this role
Role Overview
- Design, implement, and mature advanced security validation capabilities to safeguard enterprise systems and applications
- Focus on continuous security validation through External Attack Surface Management (EASM) tools
- Provide actionable insights to strengthen the firm’s cyber resilience
- Investigate and reproduce findings from EASM platforms
- Familiarity with open-source techniques and tools for profiling attack surface
- Develop tuning logic for discovery seeds and asset correlation
- Plan and conduct realistic cyberattack simulations that mirror real-world threat actor TTPs across enterprise environments
- Assess BAS outcomes to identify security control gaps, vulnerabilities, and opportunities for improved detection and response
- Develop and communicate prioritized recommendations to strengthen security policies, procedures, and technical controls
- Work with red, blue, and purple teams, as well as incident response and threat intelligence groups
- Leverage threat intelligence to inform EASM scenarios and proactively address emerging threats
- Contribute to the identification, prioritization, and remediation of vulnerabilities based on simulation and testing results
- Maintain detailed documentation of ASM & BAS methodologies, procedures, and findings
- Design, develop and maintain CI/CD Pipeline(s)
- Design and Execute automation scripts
Requirements
- Bachelor’s degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience
- In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
- Previous experience in planning and managing IT projects
- Experience with Breach and Attack (BAS) or Continuous Security Validation (CSV) tool(s)
- Bachelor’s degree and twelve years of experience or an equivalent combination of education and work experience
- Banking or financial services experience
- Experience in designing and executing Attack Scenarios
- Strong understanding of cybersecurity concepts, including attack vectors, TTPs, and security controls
- Hands-on experience with architecting, maturing, and automation
- CI/CD pipeline end to end lifecycle
- Experience with penetration testing, vulnerability management, and security tools.
- Proficiency in scripting for automation, data wrangling and enrichment (e.g., Python, PowerShell).
Tech Stack
- Assembly
- Cyber Security
- Firewalls
- Python
Benefits
- Medical
- Dental
- Vision
- Life insurance
- Disability
- Accidental death and dismemberment
- Tax-preferred savings accounts
- 401k plan
- 10 days of vacation
- 10 sick days
- Paid holidays
- Defined benefit pension plan
- Restricted stock units
- Deferred compensation plan