Home Point Financial Corporation (HPFC) is a rising star in the financial services industry. At Home Point, we created a culture that encourages community, caring and open communication. We want our associates to speak up, become innovators and make impactful changes – no matter what position they hold within the company. What makes our team special? Our "We Care" approach in all that we do. At HPFC we collaborate, question the norm, reinvent and help each other succeed. If you thrive in a fast-paced environment and are looking for an opportunity to develop your career, then we have a great opportunity for you!
- Threat Management, Defense, and Response: Analyze threat intel, identify threat vectors, perform threat modeling, and develop use cases for security monitoring and response.
- Managing Vulnerability and its life cycle: taking part and contributing to Risk Modelling, managing, and remediating vulnerabilities.
- Architecting and implementing enterprise-level security solutions: Specifically, for cloud environments e.g. Azure public cloud, but with potential growth into AWS and GCP.
- Security Automation: Automating processes using well-known frameworks such as PowerShell, Python, Bash, etc. As well as SOAR buildout.
- Continuous Monitoring: Management Enterprise host/network security and intrusion detection, User Behavior, and other security monitoring.
- Security Development and Administration: Evaluate new cybersecurity applications or tools, rules/signatures, access controls, and configurations of cybersecurity platforms.
Skills & Experience Requirements:
- Experience with CI/CD and Agile development models.
- Identity Management and Governance
- Strong understanding of NIST, CIS Controls, and Zero Trust
- Ability to work within application development and DevOps environments to manage security code.
- An ability in critical thinking, solving complex problems, and excellent analytical, communication, and interpersonal skills
- Possession of a current industry certification (CISSP, GIAC, SSCP, etc.); security operations specific certifications a plus (GCIA, GCIH, CASP, etc.)
- 5+ years' experience in Information Security or related field.
- Experience with computer network penetration testing and techniques.
- Understanding of Security tools and appliances e.g. firewalls, proxies, SIEM, antivirus, IDPS and security concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of security process and frameworks and how to handle incident response