Job Information
Prudential Ins Co of America Lead, Cyber Security Operations in Newark, New Jersey
Job Classification:
Technology - Information Security
Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability, and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, youll unlock an exciting and impactful career all while growing your skills and advancing your profession at one of the worlds leading financial services institutions.
Your Team & Role
As a Cyber Security Operations Lead, you will partner with other security professionals across the Information Security Office, the Chief Technology Office, and other groups in Prudential to provide guidance and partner with analysts on various teams to develop integrations, correlations, processes, and SIEM content to better protect the environment.
In addition to the traditional SOC responsibilities of event analysis/management, you will have opportunities to provide feedback to improve the configuration of the tools/products used by the CSOC to better the defensive operations of Prudential as an organization. You will work on significant and unique issues where analysis of situations or data requires an evaluation of intangible variables and may impact future concepts, products, or technologies to ensure security of our products and customers! In addition to advanced technical/management expertise/experience, you will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.
Here is What You Can Expect on a Typical Day
Function as one of the shift Lead Analyst, acting as the reports to manager of the other analysts on the lead shift while reporting into the CSOC VP.
Lead the day-to-day operations and serve as an escalation point for the team, while guiding and transferring knowledge to more junior team members.
Leverage Security Operations and tool/process specific knowledge to resolve complex technical/process/people issues the team faces.
Lead and plan knowledge sharing with Analysts while developing solutions/processes/detections efficiently.
Conduct network, endpoint, and log analysis by using various consoles regularly (e.g., SIEM, IPS, firewall, EDR, Advanced malware detection etc.).
Analyze potential security incidents to resolve impact/scope of the incident, leading the team through complex analysis and incident containment activities.
Maintain the integrity and security of enterprise-wide cyber systems and networks by coordinating internal team and larger Prudential resources during triage/incident containment efforts.
Partner closely with the Hunting, Threat Intelligence, and Detection Engineering teams to operationalize new use cases, detections, and intelligence.
Qualifications:
Bachelor of Computer Science or Engineering, Information Security, Information Technology, or experience/degree in related fields.
Ability to mentor others with minimal guidance and effectively leverage diverse ideas, experiences, thoughts, and perspectives to the benefit of the organization.
Experience with agile methodology and Test-Driven Development (TDD).
Knowledge of business concepts tools and processes that are needed for making sound decisions in the context of the company's business.
Ability to learn new skills and knowledge on an ongoing basis through self-initiative and tackling challenges.
Advanced experience and/or expertise with several of the following:
Direct background or experience with higher tiers of Cyber Security Operations, with direct exposure to Security tooling, having worked in a SOC like environment previously.
Documentation/process experience, in IT or Cyber Security.
Effective oral and written communication skills.
Effective problem solving & analytical skills proven in an IT or security related area.
Team player that can work with team members and businesses around the world in different time zones with a diverse cultural background while being supportive of local customs.
Demonstrated passion about the information security field and cyber defense, including commitment to training, self-study, and maintaining proficiency in the technical cyber security domain.
Demonstrated prior team leadership, preferably in a SOC/IR context.
Innovative and willing to raise unique/original ideas.
Knowledge of Splunk (ES) and Splunk certifications a huge plus.
Exposure to/knowledge of other SIEM/SOAR tooling a plus.
Demonstrated previous systems, cloud, endpoint, network, and server experience, prior administration of said tools/systems a plus.
Familiarity with sandboxing solutions and malicious file analysis. Prior work with malware labs/sandboxes a plus.
Prior exposure/experience with Cyber Threat Intelligence a plus.
Deep understanding of IT Security practices/programs/tooling, with demonstrated examples of driving initiatives forwards.
Automation experience a major plus, especially in a SOAR or SOC/IR context.
Preferred qualifications:
IT Security certification beyond intro level certifications, (e.g., GCFA, GCIA, GNFA, GCTI, GREM, GCIH, GCFA, GPEN, OSCP, etc.).
Cloud (AWS, Azure, GCP, etc.) Certs.
Other Security Certifications beyond intro level.
Scripting background (Python, PowerShell, bash, etc.).
Applied Experience with multiple of the Following:
Cyber Security Operations Analysis and Management
Digital Forensics
Cyber Incident Response
Threat Hunting and Adversary Emulation
DFIR Automation and Engineering
Cyber Threat Intelligence
Youll Love Working Here Because You Can
Join a team and culture where your voice...
Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity