The Sr. Cyber Security Purple Team Engineer will provide solutions and partner with the Cyber Security teams to advance Huntington's Cyber Security posture. The Sr. Cyber Security Purple Team Engineer helps mature and harden Huntington National Bank's defensive posture and protect its associated proprietary data, physical infrastructure, and resources from internal and external threats. The Sr. Cyber Security Purple Team Engineer will design, implement, and track hardening and testing methodologies utilizing offensive tactics, techniques, and procedures.
The ideal candidate has outstanding team development and technical skills, and the ability to diagnose threats and lead hardening and testing efforts. The Sr. Cyber Security Purple Team Engineer will stay abreast of the cyber threat landscape to be proactive in identifying potential threats and will work with all stakeholders to ensure the integrity and security of Huntington networks, assets, and data.
- Partner with the various Cyber Security Teams to develop, test, and deploy hardening improvements.
- Create hardening requirements focusing on threats in the wild.
- Integrate threat intelligence, offensive, and defensive cyber security solutions.
- Develop and maintain a testing platform and methodology to track and monitor cyber security improvements.
- Help develop and implement robust alerting and response to IOCs, APTs, and advanced malware behaviors.
- Develop metrics to measure attack complexity, targeting, exercises, and historical data.
- Serve as Technical Subject Matter Expert on offensive, defensive, and defense-in-depth methodologies and technology by performing ongoing research and engagement to maintain awareness of industry trends and best practices.
- Bachelor's Degree.
- 5 years of experience in Cyber Security.
- 3 years of experience with Security Engineering solutions (NGFWs, WAF, IDS/IPS, Proxy, etc.).
- 3 years of experience in Offensive or Defensive Security.
- Ability to provide analytic and countermeasure support utilizing network, application, and email security solutions.
- Demonstrated understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation, with an understanding of intrusion set tactics, techniques, and procedures.
- Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, the OSI model, defense-in-depth, and common security elements.
- Expert knowledge of SIEM, Security Operations, Firewalls, Web Application Firewalls, Email Security, DDoS mitigation technologies, Anti-virus, EDR, and Cloud Security solutions.
- Expert knowledge of Red Team and adversarial TTPs.
- Experience with Windows / Linux / UNIX operating systems.
- Industry-recognized certifications or advanced certifications such as SANS, CISSP, and/or CISM.
- Occasional travel may be required (<10%).