Lead Cybersecurity Analyst (Hunt / Red Team / Incident Response / Platform Engineer)
Job Description
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as focused on its employees as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
Discover is seeking Cybersecurity talent with a minimum of three years of experience in at least 2 of the 5 following disciplines:
- Cybersecurity Monitoring
- Cybersecurity Threat Intelligence
- Adversary Simulation
- Cyber Threat Hunting
- Cybersecurity Platform Engineering
- Cybersecurity Incident Response
Seasoned candidates are strongly encouraged to apply.
Cybersecurity Platform Engineering
The Platform Engineering Team serves as experts in the creation and operation of solutions for our Security Operations Center (SOC) and related enterprise teams. Spread across two functional areas (technology and analytics), key responsibilities include development of custom tools, creation of new security detection logic, partnering with our Security Operations Center (SOC) to ensure their success, and working with big data platforms to achieve our mission.
The ideal candidate has prior experience in an engineering or security-related role, hands-on experience implementing security tools and detection logic for enterprise teams, and the ability to think creatively to find elegant solutions to complex problems.
Cybersecurity Threat Hunter
The Cybersecurity Threat Hunting Team is designed to proactively detect advanced threats that evade traditional security controls. Cyber Threat Hunting includes using both manual and machine-assisted capabilities and aims to find the Tactics, Techniques, and Procedures (TTPs) of advanced adversaries. The candidate must have a curious investigative mind, security background in information technology (network/systems administration), and the ability to communicate complex ideas to varied audiences.
The candidate will be a key member of the SIIRT’s Threat Hunting and Adversary Simulation team, responsible for actively developing hunts, translating them into an iterative process, participating in threat actor-based red team simulations, and creating new detection methodology. The focus of the Cyber Hunter is to detect, disrupt, and eradicate threat actors from the enterprise network. To execute this mission, you will use data analysis, threat intelligence, and cutting-edge security technologies.
Cybersecurity Adversary Simulation
The Adversary Simulation Team operates as a tactical think tank, generating strategically relevant attack scenarios, simulating Tactics, Techniques, and Procedures (TTPs) of threat adversaries to test the organization’s security posture. Collaborating with all of Cybersecurity, the Adversary Simulation team acts as a progressive, adaptive, and proactive work stream focused on testing the security effectiveness and defensive readiness of the organization as a whole.
The ideal candidate is a very experienced, seasoned, and well-rounded red team operator who is relentless and creative. This individual will have a deep adversarial mind, disciplined methodology, and a willingness to work closely and collaborate with very bright security minds on the offensive and defensive sides. A strong technical background will be essential to deliver high-quality results. The ideal candidate must foster good working relationships with business and IT managers to ensure the organization meets its business objectives. This position is also responsible for staying involved with new developments in the industry as they relate to research on new attacks and defense mechanisms to maintain system resilience to next-generation attacks.
Cybersecurity Incident Response
The Cybersecurity Incident Response Team provides world-class cyber incident response services. As a member of the team, the individual will be responsible for performing CSIRT activities including: responding to computer security incidents, gathering forensic evidence, analyzing events based on digital artifacts, determining mitigation/remediation/security improvement opportunities, and working with stakeholders to communicate findings.
The ideal candidate has a disciplinary background in information technology such as enterprise web applications, operating systems, computer programming, networking, or system administration; proficiency in log analysis and implementing mitigation techniques; acquiring and analyzing digital evidence; and producing thorough reports, including analysis findings and lessons learned.
The role is responsible for designing the Cybersecurity roadmap, containing potential breaches, conducting digital forensics, and delivering highly complex secure systems, cyber applications, technical projects, and regulatory and risk requirements. Drives Cybersecurity framework, roadmap, program optimization, process engineering, risk remediation, and mitigation of operational risk in a high-velocity culture by introducing technology, requirements, deliverables, gaps, and systems design. Analyzes competitive strategies, cyber technologies, metrics models, and performance indicators. Contributes to robust and innovative strategic solutions, builds resilient support for next-generation systems to solve business challenges, and enhances the control environment and executive decision-making.
At a minimum, here’s what we need from you:
- H.S. Diploma or GED
- 6+ years of experience in Information Security, Computer Science, Engineering, Data Analytics, or related field
Preferred Qualifications
If we had our say, we’d also look for:
- Bachelor’s Degree in Information Security, Computer Science, Business Administration, Data Analytics, or related field
- 8+ years of experience in Information Security, Computer Science, Engineering, Data Analytics, or related field
- In lieu of a degree, 4+ years of experience with related certifications: CISSP/GIAC
- PMP, CEH, GIAC, CISM, CISSP
Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.