Jobs · Information Technology · New Jersey

Cyber Defense, Adversary Emulation

Mizuho · Iselin, NJ · 2 wk ago
HybridInformation Technology$111k–$185k/yrFull-time

About the role

The role serves as a senior leader within the Cyber Defense organization, overseeing the Threat and Vulnerability Management (TVM) program for Mizuho Americas Services. This includes partnering with Information Security, Infrastructure, Application, and third-party teams to identify, prioritize, and remediate threats and vulnerabilities across the enterprise.

Responsibilities

  • Oversee the Threat and Vulnerability Management program
  • Prioritize work amongst full-time staff and third-party resources
  • Oversee tools, technologies, and processes related to threat management
  • Ensure effective reporting of security activities, reporting status, risks, issues, and escalations to senior leadership
  • Manage relationships with other Security, Infrastructure, and Application teams to identify, mitigate, and remediate vulnerabilities and other threats in the environment
  • Provide expertise on Security Incidents
  • Map TTPs and CVEs to identified threats and prioritize appropriately
  • Recommend and implement enhancements to existing processes, focusing on automation and integration between other security tools
  • Ensure comprehensive threat identification of the entire Mizuho enterprise
  • Review daily, weekly, and monthly security reports for any anomalies or issues
  • Maintain documentation on security architecture, procedures, configurations
  • Project based work
  • Provide feedback to MAS teams to implement well-engineered solutions to improve security posture
  • Identify workflow areas to proactively address potential vulnerabilities
  • Work with colleagues and vendors to assess different technologies and determine their impact within the Mizuho environment
  • Provide security requirements for the design, development, engineering, and implementation of hardware, networks, and applications
  • Conduct lessons learned exercises and RCAs after security incidents, detection of major system vulnerabilities, and ongoing compliance violations
  • Analyze threat intelligence, vulnerability and security assessments; produce vulnerability reports and work with IT teams to correct or mitigate found deficiencies

Qualifications

  • At least 10+ years’ security domain related experience, preferably within a financial services firm
  • 5+ years of experience in a similar position
  • Proven experience in a vulnerability management program within a large enterprise
  • Strong understanding of cybersecurity risk management and information security standards (SOX, NIST, FISMA, etc.)
  • Ability to manage and use various scanning technologies across different layers of the tech stack, such as SAST, DAST, cloud infrastructure
  • Strong understanding of OWASP and other common Application Security issues and frameworks
  • Fundamental understanding of vulnerability reporting and management processes or tools
  • Solid grasp and understanding of vulnerability scoring and classification methodologies
  • Excellent communication and leadership skills, with the ability to manage and prioritize multiple projects and initiatives
  • Strong knowledge of internet, web, application and network security platforms
  • Strong knowledge of Linux & Windows operating system and security functions
  • Strong knowledge of Cloud Deployment and management
  • Develop, document, and maintain policies, procedures, and training plans for system administration and appropriate use
  • Strong written and verbal communication skills

Additional Qualifications

  • Possess security certifications (CISSP, CISM, CISA, GSEC, etc.)
  • Experience with project management and industry best practices
  • Experience working within the Financial Services industry
  • Experience in support projects and able to handle issues against defined SLA / KPI
  • Clear communication & presentation skills, and the ability to articulate complex issues concisely
  • Leadership, relationship-building and influencing skills to drive agendas across a number of teams
  • Proven track record of effectively interacting with senior management
  • To work strategically and collaboratively across departments
  • Excellent organizational skills with the ability to multi-task, prioritize competing demands, be versatile and action-oriented

Pay

The expected base salary ranges from $111k-$185k. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.

Similar jobs

Cyber Defense

MizuhoNew York, NY· 1 wk ago
Information Technology$325k–$350k/yrapply on mizuho.wd1.myworkdayjobs.com