Threat Emulation and Exploit Engineer
Vanguard · Dallas, TX · 1 mo ago
HybridEngineeringFull-time
About the role
Threat Emulation and Exploit Engineers within the Enterprise Security and Fraud (ES&F) sub-division of Global Risk and Security (GR&S) at Vanguard are responsible for leading and responding to escalated cyber security alerts, conducting threat modeling, and developing and enhancing security controls. They also provide written assessments and support business initiatives.
Responsibilities
- Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations.
- Monitors and detects compromises, risks, vulnerabilities, network security threats, and uses modern and emerging threat actor tactics, techniques, and procedures (TTPs).
- Develops, manages, maintains, and enhances security controls such as alerts, rules, policies, and signatures for security platforms.
- Reviews the network environment for new and evolving cyber threats and provides preventive and remedial solutions.
- Conducts penetration testing, vulnerability assessments, and threat modeling, evaluating risks and making recommendations.
- Provides written assessments focusing on threats, vulnerabilities, and technologies relevant to Vanguard infrastructure.
- Mentors junior team members to improve their technical acumen.
- Participates in special projects and performs other duties as assigned.
Qualifications
- Minimum of five years related work experience, with three years' experience in threat analysis.
- Undergraduate degree in a related field or the equivalent combination of training and experience.
- Experience in offensive security disciplines including penetration testing, vulnerability analysis, web application security assessments, adversary emulation, and threat intelligence.
- OSCP, OSWA or equivalent certification is preferred.
- Strong collaboration skills with a demonstrated ability to work closely with other teams across the division.