Job Information
Huntington National Bank Cybersecurity Red Team Analyst – Principal in Pittsburgh, Pennsylvania
Description
Summary: The Cybersecurity Red Team Analyst - Principal will plan and direct efforts in developing and testing tools, tactics, and procedures to emulate adversarial threats actively in use targeting the financial services industry and leads the employment of these tools in the Huntington environment. This capability provides Huntington with a means of testing security controls for effectiveness, discovering gaps in controls, and validating viability of threats for more effective prioritization of risks. The principle role will also assist the Red Team manager in assessing and developing team capabilities.
Duties & Responsibilities:
Develop and test threat actor emulation tools, tactics, and procedures for the Red Team to employ on-demand for assessments of security controls for application, systems, and network.
Partner with threat intelligence team to ensure Red Team capabilities and tactics accurately emulate the current threat landscape.
Consult with cross-functional teams in project testing phases to ensure controls are in place to remediate threats and test controls as appropriate.
Consult with cross-functional teams for architectural design and review sessions to ensure controls are in place to remediate threats and test controls as appropriate.
Coordinate and monitor 3rd-party penetration testing engagement staff to ensure engagements meet all requirements with appropriate communications and timely and accurate reporting of results.
Assess, train, and develop Red team members.
Partner in developing remediation plans for findings through coordination with cross-functional teams for various application and technology system owners.
Other duties as assigned.
Basic Qualifications:
Associate's Degree
7+ years Cyber Security experience
5+ years hands on Penetration testing including 5+ years in web application penetration testing
5+ years Red team experience and engagements
Must be certified in OSCP (Offensive Security Certified Professional)
Experienced with Kali Linux, Cobalt Strike, Burp Suite Pro, Python 3, Powershell for offensive security/penetration testing
Developer experience in C/C#, Powershell, Phython3, or GoLang
Preferred Qualifications:
Certified in, GPEN, OSCE, GCIH, GXPN
Ability to communicate clearly and concisely
Expert understanding of security architecture and tools
Expert understanding of Threat Actors and their tactics, techniques, and procedures
Advanced experience with Security Assessment Toolsets
Advanced experience in automation and scripting of applications and systems
Expert knowledge of relational databases and structured query language
Expert knowledge of client/server relationships and multi-tier environments
#LI-Hybrid
#LI-SG1
Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)
Yes
Workplace Type:
Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.
Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.
Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position