Cybersecurity – Rezilyens LLC
https://www.rezilyens.com
Wed, 16 Jun 2021 12:31:40 +0000

Security Operations Center Principal Architect
https://www.rezilyens.com/current_openings/security-operations-center-principal-architect/
Wed, 16 Jun 2021 12:25:57 +0000

The role

The SOC Architect is a critical client-facing role that requires the instinctive ability to recognize gaps in customer capabilities and to translate them, clearly and concisely, into business requirements and an execution strategy. The Architect will be responsible for developing the overall vision that underlies the customer-centric SOC services and plays a primary role in the design and implementation of those end-to-end services. The Architect will also play a key role in the introduction of new services/solutions in the EY SOC portfolio in terms of evaluation, integration and deployment.

Your responsibilities

  • Design CTM, LTM and PTM related to SOC services for the SOC clients
  • Lead deployments of SOC big data solutions to the client and required technical integration with their ecosystem.
  • Updating SOC design documentation
  • Lead the technical team to deliver successful SOC services at client location
  • Liaise with the client data security team in finalizing the SOC services and take them through implementation
  • Work with delivery team to ensure integration of the project into operations
  • Key presenter to clients during executive SOC tours, along with other key executives and SOC management
  • Proposing and leading improvements of SOC services in line with dynamic regional and global cyber risk profiles and the global network
  • Raise and resolve any architectural issues/risks that could have implications against the cyber security strategy of clients
  • Key advisor to the SOC manager and SOC steering committee of any SOC innovation and technology adoption, through to integration
  • Provide governance during EY SOC services deployment and test phases at the client’s site to ensure compliance with and appropriateness of the security architecture

The must-have skill sets

  • 6+ years of relevant Analytics consulting or industry experience
  • At least 2 years of experience working with SparkCognition, Expert System, Microsoft Cognitive Services, IBM Watson, Numenta, DeepMind, CognitiveScale, CustomerMatrix, IPSoft, Pega, Salesforce Einstein, Google Cloud Platform/TensorFlow, or Amazon Web Services/SageMaker, and common open-source scripting languages
  • At least 6 months of experience working with Amazon Lex or IPSoft Amelia
  • At least 2 years of experience in Natural Language Processing (NLP), Linguistics, Advanced Semantic Design
  • Demonstrated expertise with at least 3 full life cycle analytics engagements across strategy, design, and implementation.

Qualification (Not Mandatory)

  • 5+ years of working experience in SOC/Enterprise Cybersecurity Architect role
  • Expert in big data applications and platforms
  • Strong open source technology experience and Strong networking and application knowledge
  • Strong solution and systems architecture experience
  • Run technology roadmap (fits to service roadmap / portfolio)
  • Good knowledge of various security architecture methods such as Enterprise Architect Frameworks like TOGAF, SABSA, etc
  • Ability to explain business principles of secure system designs in terms of business risk
  • Network monitoring technology platforms such as Fidelis XPS, RSA or others
  • Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Symantec, McAfee or others
  • Internationally recognized technical certifications in relevant areas
  • Hands-on experience with TCP/IP, switching, routing, security concepts, WAN and LAN concepts, Routing Protocols, Firewall Security policies
  • Hands-on experience with industry leading network management platforms
  • Practical experience on customer service processes and solving

Equal employment opportunity

Rezilyens is an equal opportunity employer and is dedicated to fostering an inclusive and diverse environment for employees from all walks of life. We hire based on talent and we’re proud of our global perspective.

Threat Intel Analyst
https://www.rezilyens.com/current_openings/threat-intel-analyst/
Wed, 09 Jun 2021 12:09:21 +0000

The role

The Threat Intel Analyst will play a key role in identification, interpretation, transformation, and dissemination of threat intelligence crucial to protect. Collaborate with business and functional teams, develop detailed plans and accurate estimates for completion of build, system testing and implementation phases of project.

Your responsibilities

  • Monitor daily intelligence operations feeds; responsible for identification, analysis, processing, and distribution of intelligence related to threats and vulnerabilities
  • Develop and produce written tactical and strategic intelligence reports including data from intrusions, lateral movement, malware, DDoS, unauthorized access.
  • Strong experience analyzing and synthesizing actionable threat intelligence via open-source tools.
  • Ability to identify, create, execute, and adjust standard operating procedures for day-to-day operations.
  • Development and maintenance of detection scripts, rules, and signatures; Suricata, SIEM alerts and host-based intrusion detection signatures (Windows, Linux, Firewall, VPN, Proxy, Apache, IIS)
  • Respond to high-priority requests for information/intelligence
  • Support incident investigations
  • Research and document exploitation tools and threat actor tactics for use by incident responders.

The must-have skill sets

  • Experience performing threat intelligence activities
  • Working knowledge of network monitoring and network exploitation techniques, forensics, and intrusion detection
  • Intimate knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks
  • Ability to demonstrate analytical expertise, attention to detail, and critical thinking. Ability to apply structured analytic techniques to complex problems
  • Experience working with a SIEM with varied log sources to research events
  • Expertise with Sysmon and Linux audit events
  • Knowledge of one or more scripting languages for automation and complex searches

Qualification (Not Mandatory)

  • Ability to work independently and manage multiple task assignments.
  • Strong oral and written communication skills.
  • Strong problem solving and troubleshooting skills with the ability to exercise mature judgment.

Senior [Red Team] Security Consultant
https://www.rezilyens.com/current_openings/senior-red-team-security-consultant/
Thu, 08 Apr 2021 09:14:15 +0000

The role

Applicants for this position should be able to display leadership and business judgment in anticipating client/project needs and developing alternative solutions.

Your responsibilities

  • Compromising the target’s security by extracting information, infiltrating its systems, or breaching its physical perimeters.
  • Avoiding detection by the blue team. Many attacks occur over a fleeting period of time, making it extremely tricky for the blue team to neutralize the threat before the ‘damage’ is done.
  • Exploiting bugs and weaknesses in the target’s infrastructure. This highlights gaps in the organization’s technical security that require fixing, thus improving its security posture.
  • Initiating hostile activity – including sophisticated penetration testing – giving a reliable assessment of the blue team’s defensive capabilities.

The must-have skill sets

  • Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the target.
  • Deploying command-and-control servers (C&C or C2) to establish communication with the target’s network.
  • Using decoys to throw the blue team off the scent.
  • Applying social engineering and phishing techniques to manipulate employees into exposing or revealing information to compromise their machines.
  • Physical and digital penetration testing
  • Network penetration testing and manipulation of network infrastructure
  • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
  • Developing, extending, or modifying exploits, shellcode or exploit tools
  • Reverse engineering malware, data obfuscators, or ciphers
  • Thorough understanding of network protocols, data on the wire, and covert channels
  • Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
  • Build security tools and automate Red Teaming workflows
  • Utilize Threat Modelling methodologies to identify threats and shape Red Team operations
  • Understanding of MITRE’s ATT&CK Framework
  • SANS and Offensive Security certifications are highly desirable
  • Web Penetration Testing (OWASP and SANS)

Senior Data Scientist
https://www.rezilyens.com/current_openings/senior-data-scientist/
Thu, 08 Oct 2020 16:35:36 +0000

The role

A big part of your role will be choosing the most appropriate technique, based on business need and available data, to develop custom data models and algorithms.

Your responsibilities

  • You will create processes and tools to monitor and analyze model performance and data accuracy, all the while balancing time to deliver with level of detail and accuracy.
  • Working with different functional teams, you’ll implement your models and monitor their outcomes – making sure we’re conforming to data security standards at all times. Thinking about the newest technology, you’ll make sure we’re maximizing our efficiency and productivity and provide subject matter expertise across the business whenever it’s needed.

The must-have skill sets

  • Bachelor’s degree in Analytics or related quantitative fields (statistics, operations research, mathematics, econometrics etc.). An advanced degree is preferred.
  • Minimum of 3 years of experience preferred working with modelling techniques and advanced applied skills. For example, significance testing, GLM/Regression, Random Forest, Boosting, Trees, text mining and social network analysis, using tools like Spark, Scala, SAS, R, Python, Bayesia, H2O, Storm, Yarn, and Kafka
  • 2-3 years of experience in applied data science role or equivalent. CPG, Telecom or Financial services preferred.
  • Experience using key external third-party data sources including Nielsen/ IRI/ Storeviews, Kantar, Homescan Panel, Retail Execution, Shopper card, first party data and consumer surveys
  • Experience querying databases (SQL, Hive) and working with big data platforms such as Hadoop ecosystem (Azure), including in-memory solutions (SAP HANA and Apache Spark)
  • Working knowledge of data visualization tools such as Tableau, Power BI, D3, ggplot, to deliver output to the broader business community to improve decision making and productivity
  • Strong communication and presentation skills

API Security Architect
https://www.rezilyens.com/current_openings/api-security-architect/
Tue, 06 Oct 2020 10:48:39 +0000

The role

The successful candidate will mature Truist’s API security tools, policies and practices, integrating API security into Software Development Life Cycle (SDLC) practices, with an overall goal to drive innovation in the security and compliance of Truist’s API ecosystem.

Your responsibilities

  • Drive innovation in securing Truist’s Application Programming Interface (API) ecosystem, incorporating pragmatic security architecture solutions to meet business requirements that best balance business agility, operational costs, and security risk
  • Become a trusted partner with enterprise API stakeholders
  • Partner with stakeholders, Subject Matter Experts (SMEs), and Enterprise Architecture to design and deliver target API security architecture models and documentation, as well as reference implementations, in alignment with the organization’s policies, standards and procedures
  • Evolve and mature Truist’s API security tools, policies, standards and practices
  • Serve as an evangelist for secure API practices, communicating with individuals at both the technical and executive levels, and training internal resources as needed
  • Engage business and technology stakeholders at all levels to gather long term goals and requirements
  • Collaborate with internal customers, influencing and driving solutions towards API target security architecture
  • Develop API security patterns so as to support our platform and software designs
  • Build an executable API Security roadmap, aligning the roadmap to a Security Maturity Model, and driving the implementation of the milestones
  • Integrate API security personnel, processes and technology at all stages of the Software Development Life Cycle (SDLC)
  • Be a key member of the team driving the API Security Architecture for the enterprise
  • Lead Truist’s API ecosystem towards industry leading practices around managing cyber risks and delivering API security
  • Perform security assessments of API platforms, environments, vendor solutions, and individual API implementation based on industry frameworks and corporate standards
  • Contribute new intellectual capital to Truist through deep specialization in the API Security Architecture technical domain.

The must-have skill sets

  • Bachelor’s degree and 7 years of experience in development or an equivalent combination of education and work experience. In-depth knowledge in information systems and ability to identify, apply, and implement best practices
  • 3 years of cyber information security experience focused on API-related areas such as identity federation leveraging OAuth 2/OpenID Connect, API token/key management, data-in-transit encryption, API filtering/validation, and broader information security concepts such as segregation of duties and least privilege
  • 2 years of experience architecting, engineering, and/or implementing highly performant, secure, and scalable enterprise grade APIs, delivering solutions, leveraging API tools, and deploying API vendor products
  • 2 years of hands on API development experience
  • 2 years of experience driving security architectures in a modern SDLC, DevOps environment, de-coupling applications and data using approaches such as micro-services, service mesh, and integrating DevSecOps into the SDLC
  • 1 year of experience drafting and delivering enterprise policies, standards, and mature, repeatable processes and practices
  • Excellent communication and persuasion skills (verbal and written), including presentations, discussions, and documentation (artifacts) that is targeted and can relate to the intended audience
  • Understanding of multiple information technology disciplines/processes related to the position.
  • Experience applying and utilizing enterprise architecture standards. Understanding of key business processes and competitive strategies related to the IT function
  • Ability to plan, manage, and drive projects and architecture efforts
  • Ability to solve complex problems by applying best practices
  • Ability to provide direction and mentor less experienced teammates
  • Ability to interpret and convey complex, difficult, or sensitive information

Qualification (Not Mandatory)

  • 2 years designing, implementing, and operating API management / security tools such as Mulesoft, Apigee, and/or DataPower
  • Bachelor degree in Computer Science/Software Engineering or related field
  • 2 years of experience architecting, engineering, and/or implementing solutions built in Cloud Service Provider (CSP) environments such as Amazon Web Services (AWS) and Microsoft Azure
  • Broad range of cyber security experience in a variety of areas, such as Identity and Access Management, Data Protection, logging / monitoring, and network segmentation
  • Broad range of Information Technology experience in a variety of areas, such as application development, systems management, database design, resiliency
  • Public cloud vendor certifications (such as AWS Certified Solutions Architect or Microsoft Azure Architect Technologies)
  • Experience with API and cyber security industry standard/guidelines such as OWASP API Security Top 10 guidelines, OpenAPI Specification, NIST 800-53 framework, and other Information Security tools/frameworks (such as National Vulnerability Database

Cybersecurity Architect
https://www.rezilyens.com/current_openings/cybersecurity-architect/
Mon, 05 Oct 2020 12:05:13 +0000

The role

Applicants for this position should be able to display leadership and business judgment in anticipating client/project needs and developing alternative solutions.

Your responsibilities

  • Assist with and provide recommendations on developing cyber security strategies, conducting reviews of existing technologies and systems cyber security implementation.
  • Recommend and establish innovative cyber security models, processes and procedures.
  • Help clients to mitigate cyber risk and threats.
  • Provide counselling/coaching, oversight, and support for delivery teams and staff.
  • Communicate and manage client needs and expectations in all phases of their information security solutions.

The must-have skill sets

  • Minimum 8+ years of relevant Cyber Security experience.
  • Working knowledge of Security Architecture for infrastructure components (networks and servers) as well as applications and data.
  • Good understanding of Security technologies and Security threats.
  • Should be comfortable working in a team and independently.
  • Should possess strong analytical and problem solving skills.
  • Should have relevant Information Security Certifications CISSP, CISM, CRISC, CEH etc.
  • Excellent listening, verbal and technical writing skills.
  • Understanding of TOGAF, SABSA, NIST Cyber Security Framework etc.

Senior Vice President – Information Security
https://www.rezilyens.com/current_openings/senior-vice-president-information-security/
Sun, 30 Aug 2020 16:46:41 +0000

The role

This role involves facilitation of the information governance structure through the implementation of a hierarchical governance program, including regular reporting on the current status of programs as part of the strategic enterprise risk management program to achieve the business outcomes. Lead or oversee the development, implementation and monitoring of enterprise-wide initiatives that include providing clear risk-mitigating directives. Lead or oversee the identification of security trends and evolving technologies, and maintain knowledge of internal and external business environments.

Your responsibilities

  • Report information security risks in a manner that meets compliance and regulatory requirements (SOX, HIPAA, FERPA, CIPPA, EU Data Protection).
  • Collaborate closely within the matrix organization, including legal counsel, to achieve the organization’s compliance with data privacy laws.
  • Accountable for or oversight of catalog of data types, locations and access credentials across the organization’s platforms and products.
  • Communicate effectively with senior leadership, audit committee and board of directors regarding information security compliance and defense action plans.
  • Ensure effective tracking of privacy and security violations, gaps or concerns.
  • Ensure security and privacy of customer data is achieved and articulated to the customers.
  • Promote utilization of industry standards and best practices.
  • Manage complex business relationships and provide exceptional service and expertise.
  • Bachelor’s degree in Computer Science, Information Security, IT or other relevant field.
  • Minimum of 10 plus years of progressive experience leading key initiatives and strategies in information security, cyber threat operations, incident management, or other related field.
  • With ten or more years of successfully leading and developing teams in midsize to large organizations ideally with experience in transformational activities.

The must-have skill sets

  • Demonstrated experience leading cyber threat operations teams in the areas of emerging threat identification, incident response, and developing innovative mitigation strategies as well as demonstrated experience in the quantification and measurement of information security risks.
  • Ability to create and think about a process that may not exist.
  • Business acumen, ability to partner and have conversations with customers.
  • Deep knowledge of information security technologies, compliance and regulatory matters, information governance and privacy best practices.
  • Strong executive presence and communication skills.
  • Experience interacting with senior C-suite leaders is required.
  • Established relationships within cybersecurity, law enforcement, and business communities are a plus.

Country: USA
Location: Southern California
Preference: US Citizens/Green Card holders