Incident & Threat Analyst (Adversary Hunt & Simulation)
About This Role
Discover. A brighter future.
With us, you'll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it - we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as focused on its employees as it is on its customers and is consistently awarded for both. We're all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
The Adversary Hunt & Simulation Team (Purple Team) is a strategic component within Cybersecurity Services organized to conduct offensive and defensive exercises. These exercises are focused on threat hunting & simulating potential adversary attacks or exploitation capabilities against the enterprise. This position works closely with team members to plan, coordinate, execute and report on sophisticated purple team and threat hunt operations to identify gaps and opportunities in cyber operations and reduce the risk posture of enterprise systems.
The ideal candidate has a few years' prior experience conducting offensive security exercises and experience searching for advanced attacks that have evaded security solutions. Familiarity with both the attacker and defender side is important for this role as you will look at both perspectives, conducting independent research and applying it to the environment to improve the enterprise security posture.
You'll sweep us off our feet if:
• You know how the adversary and defender think about each other
• You know common adversary TTPs (Tactics, Techniques, and Procedures)
• You can chart a course from an initial access foothold, to an objective, and then trace the steps you took back from a defender perspective.
• You are calm under pressure and work well in real-time collaboration with multiple teams
• You are permanently curious and never stop learning
You'll make an impact by:
• Discovering new gaps in our organization's detection & prevention controls.
• Executing scenarios and then working with stakeholders to make sure they can never happen again
• Presenting ground truth on the readiness of our businesses to withstand a breach
• Influencing senior and executive leadership's security investment decisions
Responsibilities:
• Conduct sophisticated adversary hunt & simulation (purple) operations against Discover to enable identification and mitigation of gaps in detection & prevention controls.
• Research, develop, and apply offensive & defensive tactics, techniques and procedures (TTPs) in order to effectively mimic the capabilities of relevant threat actors.
• Provide subject matter expertise on both offensive & defensive security for the organization.
Minimum Qualifications
At a minimum, here's what we need from you:
- Bachelor's - Computer Science, Information Security
- 4+ Years - Cybersecurity, Software Engineering, Data Analytics or related
- In lieu of a degree, 6+ Years - Information Security, Computer Science, Data Analytics or related
- Internal applicants only: technical proficiency rating of competent on the Dreyfus cybersecurity scale
Preferred Qualifications
• 3+ years of experience in security testing of varied environments
• 3+ years of threat hunting or incident response experience.
• One or more of the following certifications (OSCP, GCFA, GDAT, GXPN, GREM)
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants - with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.