Job Information
Huntington National Bank Cybersecurity Purple Team Engineer Principal in Detroit, Michigan
Description
Summary:
As a Principal Purple Team Engineer you will lead our efforts in bridging the gap between offensive and defensive cybersecurity tactics. This role involves overseeing the design and execution of sophisticated security assessments to ensure the resilience and robustness of our systems against cyber threats. Your expertise will guide cyber security teams in creating a unified defense mechanism that is proactive, intelligent, and adaptable
Lead the development and execution of purple team strategies, incorporating the strengths of both red and blue cybersecurity practices. Plan and conduct high-level breach simulations and penetration tests to evaluate the effectiveness of existing security measures. Coordinate with cybersecurity leadership to develop comprehensive risk management and incident response strategies.
Duties & Responsibilities:
Provide expert analysis and feedback on the outcomes of security tests, translating technical insights into actionable strategies and improvements.
Innovate and implement cutting-edge cybersecurity solutions and practices to enhance the security posture of the organization. Mentor and guide team members across the purple, red, and blue teams, fostering a culture of continuous learning and skill enhancement.
Prepare and present detailed reports and briefings to executive leadership regarding current security posture, test outcomes, and areas for improvement.
Perform tactical penetration testing and continuous attack simulations to evaluate the security defenses of systems and applications.
Develop deep understanding of the organization’s technology and business to design purple team operations.
Collaborate with cross-functional teams to implement security measures that respond to offensive security findings and recommendations.
Develop and maintain comprehensive reports detailing security assessment results and actionable insights.
Stay updated on industry-leading offensive security techniques, tools, and trends in collaboration with the Threat Intelligence team to ensure attack modeling prioritizes the most relevant and dangerous adversary behaviors.
Basic Qualifications:
8 years of experience in cybersecurity or 8 years combined experience in any of the following:
Security products engineering,
Open source cybersecurity tools, Mitre attack TTPS, Splunk dashboards, Security testing and automation products)
Significant expertise in both offensive and defensive roles.
Demonstrated leadership in managing cybersecurity teams and projects, with a track record of developing and executing complex security strategies.
Deep technical knowledge of security system design, vulnerability assessment, penetration testing, and the latest cybersecurity technologies and methodologies.
Excellent communication skills, with proficiency in explaining complex security concepts and strategies to both technical and executive audiences.
Strong analytical and problem-solving skills, with a keen eye for identifying trends and anticipating potential threats.
Expert level knowledge of core networking protocols including BGP, DNS, HTTP/S, DNS, etc...
Expert level knowledge of operating systems, e.g. Windows, Linux, & Unix
Expert level network troubleshooting skills utilizing packet capture/analysis packages such as Wireshark, TCPdump, etc…
Excellent customer facing communication skills (both written and verbal)
Preferred Qualifications:
Proficiency in security frameworks, controls, and offensive security simulation techniques.
Strong analytical skills with the ability to translate technical insights into strategic recommendations.
Comfort with a wide array of security tools; you should have recommendations on the best tools for this role, but your ability to perform should not be dependent on any specific tool set or architecture.
High Level of Emotional Intelligence working with both technical and non technical colleagues.
Excellent customer facing communication skills (both written and verbal)
Ability to research, evaluate, and devise course of action for security hardware/software and tools to make overall impact on the enterprise’s existing security environment
Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)
Yes
Workplace Type:
Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.
Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.
Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position