Overview
Job Description:
With a strong focus on cost-effectively meeting the Information Security needs of CompuCom internally as well as CompuCom business units and, through them, our clients, the Sr. TVM & Threat Hunting position assists in the management of enterprise security and provides technical support and advice on a wide variety of information security responsibilities, issues and problems. This includes Security Incident Response, Vulnerability Management, Network and Application Vulnerability Scans, Leading/Performing Forensic Investigations, Compliance, Documentation, User Awareness, including leading phishing simulation efforts, and being a Subject Matter Expert in these and other areas related to Information Security. The position works with teams throughout CompuCom to assist with improving the security of information systems, processes and procedures, and to ensure compliance with all established policies, standards and regulations relevant to CompuCom and our clients.
Primary/Key Responsibilities
Primary Responsibility (Percent of Time Spent on Task, 1-100%)
- Participate in security incident response activities as directed and as outlined in CompuCom's Security Incident Response Policy and Procedure (10%)
- Monitor for, analyze, determine applicability, and take action for security events that are reported via a variety of sources, including a SIEM, IDS/IPS and AntiMalware servers (15%)
- Monitor for, analyze, determine applicability, and assess risk for vulnerabilities reported by manufacturers that are relevant to the CompuCom operations (5%)
- In conjunction with the Security Vulnerability Management process, coordinate and schedule scans of CompuCom's internal address space and applications for vulnerabilities using approved tools (25%)
- Generate and publish reports of vulnerabilities; using these reports, assess level of compliance with the Security Vulnerability Management process (10%)
- Participate in the Threat Hunting activities based on CompuCom Methodologies (5%)
- Assist infrastructure and application owners to understand vulnerabilities discovered and plan remediation (5%)
- Ensure that approved scanning tools are configured to perform all necessary tests in order to have a complete and accurate risk profile for all production systems and devices (5%)
- Participate in the Security Vulnerability Management process, offering advice and recommendations in order to ensure risk from vulnerabilities is kept to a minimum (5%)
- Perform analyses of CompuCom Security User Awareness training in order to gauge utilization and effectiveness; make recommendations to improve training; lead the Phishing Simulation efforts to the entire CompuCom user base (10%)
- Participate in security architecture reviews to validate compliance with organizational security guidelines and support secure‑by‑design outcomes (5%)
What typical decisions does this job have total authority for making
What typical decisions does this job refer to others for approval
- Actions to take in an event of a security incident and remediation efforts related to security technical matters
What level associate (job title) provides work direction for this job
- VP, CISO, CIO, Sr. Director, Director, Lead Operations, Senior Operations
What level associate (job title) reviews and approves work in progress or when completed
VP, CISO, CIO, Sr. Director, Director, Lead, TVM & Threat Hunting, Manager, Operations
Education & Experience
Minimum Requirements typically required for someone to be performing fully (competent) in this job:
Level Of Formal Education
Bachelor's degree or master's degree in computer science, information systems or another related field
Area Of Study
Computer Science, Information Management, Security, Compliance
Years Of Experience
5 to 8 Years
Type Of Experience
- Knowledge of technical systems, and the potential use of technology solutions in a business environment.
- Knowledge of security-specific architecture methodologies or standards.
- Knowledge of risk management, business impact, control, vulnerability assessments, and treatment strategies.
Special Certifications
(CPA, Etc.)
CISSP, CEH required. OSCP preferred.
Language Skills
English
Technical Competencies
- Knowledge of web-related technologies (Web applications, Web Services, and Service-Oriented Architectures) and of network/web related protocol concepts.
- Knowledge of firewalls, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management concepts.
- Knowledge of Blue Team & Red Team activities and Vulnerability Management Methodologies.
- Experience with Vulnerability Scanners and Web Application Vulnerability Management tools
- Expertise and experience in securing operating systems and network infrastructure
- Expertise in securing fundamental networking protocols: DNS, HTTP, TCP, UDP, TLS, IPSEC, 802.1x, NFS
- Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.)
Competencies
- Proven ability to work and interact closely with senior management levels to determine their business needs and obtain support for initiatives.
- Strong security technical foundation with the ability to synthesize relevant information and make key decisions.
- Strong analytical skills to relate security requirements to appropriate security controls.
- Detail oriented and self-motivated to complete assigned tasks.
- Strong research and problem-solving skills.
- Excellent communication abilities and relationship building skills.
- Written, verbal, and presentation skills with the ability to effectively interact with internal and external business partners
- Ability to think strategically.
- Understanding of complex automated systems.
Information Systems
(People Soft, etc.)
Knowledge of Cloud SaaS, PaaS, IaaS, On Premise, and packaged apps.