CYBER DEFENSE, ADVERSARY EMULATION
Company: Mizuho Corporate Bank
Location: New York
Posted on: November 16, 2024
Job Description:
Join the Mizuho team in Cyber Defense, Adversary Emulation!Major
Duties & Responsibilities:In this role you will report to the Head
of Adversary Emulation, in the organization of the CISO. This role
will play a pivotal role in safeguarding the company's digital
assets and ensuring business continuity. You will be a leading
member of the Cyber Defense team for Mizuho Americas Services, LLC
(MAS). You will be responsible for day-to-day oversight and
management of the Threat and Vulnerability Management program. You
will work closely with other members of the MAS Information
Security Office to actively identify and mitigate threats and
vulnerabilities through various activities. You must combine
hands-on experience with an understanding of theory and practice.
You will also be involved with monitoring and oversight of security
consultants and other supporting third parties. Your
responsibilities include operational aspects of monitoring and
remediating security events including working with vendors and
other IT departments to address the event and escalating to senior
members of the team as necessary.
- Operational Responsibilities
- Oversee the Threat and Vulnerability Management program
- Prioritize work amongst full time staff and third-party
resources
- Oversee tools, technologies, and processes related to threat
management
- Ensure effective reporting of security activities, reporting
status, risks, issues, and escalations to senior leadership (CISO,
CIO, and other senior stakeholders).
- Manage relationship with other Security, Infrastructure, and
Application teams to identify, mitigate, and remediate
vulnerabilities and other threats in the environment
- Provide expertise on Security Incidents
- Map TTPs and CVEs to identified threats and prioritize
appropriately
- Recommend and implement enhancements to existing processes,
focusing on automation and integration between other security
tools.
- Ensure comprehensive threat identification of the entire Mizuho
enterprise
- Review daily, weekly, and monthly security reports for any
anomalies or issues
- Maintain documentation on security architecture, procedures,
configurations
- Project based work
- Provide feedback to MAS teams to implement well engineered
solutions to improve security posture
- Identify workflow areas to proactively address potential
vulnerabilities
- Work with colleagues and vendors to assess different
technologies and determine their impact within the Mizuho
environment
- Provide security requirements for the design, development,
engineering, and implementation of hardware, networks, and
applications
- Conduct lessons learned exercises and RCAs after security
incidents, detection of major system vulnerabilities, and ongoing
compliance violations
- Analyze threat intelligence, vulnerability and security
assessments; produce vulnerability reports and work with IT teams
to correct or mitigate found deficienciesQualifications &
Requirements:
- At least 10+ years security domain related experience,
preferably within a financial services firm
- 5+ years of experience in a similar position.
- Proven experience in a vulnerability management program within
a large enterprise.
- Strong understanding of cybersecurity risk management and
information security standards (SOX, NIST, FISMA, etc.)
- Ability to manage and use various scanning technologies across
different layers of the tech stack, such as SAST, DAST, cloud
infrastructure
- Strong understanding of OWASP and other common Application
Security issues and frameworks.
- Fundamental understanding of vulnerability reporting and
management processes or tools
- Solid grasp and understanding of vulnerability scoring and
classification methodologies
- Excellent communication and leadership skills, with the ability
to manage and prioritize multiple projects and initiatives.
- Strong knowledge of internet, web, application and network
security platforms.
- Strong knowledge of Linux & Windows operating system and
security functions
- Strong knowledge of Cloud Deployment and management
- Develop, document, and maintain policies, procedures, and
training plans for system administration and appropriate use
- Strong written and verbal communication skills. Ability to
clearly articulate ideas, solutions etc.
- Educational background with BS / MS in Information Technology,
Computer Science, Engineering or related area.Additional
Qualifications:
- Possess security certifications (CISSP, CISM, CISA, GSEC,
etc.)
- Experience with project management and industry best
practices
- Experience working within the Financial Services industry
- Experience in support projects and able to handle issues
against defined SLA / KPI
- Clear communication & presentation skills, and the ability to
articulate complex issues concisely
- Leadership, relationship-building and influencing skills to
drive agendas across a number of teams
- Proven track record of effectively interacting with senior
management
- Ability to work strategically and collaboratively across
departments
- Excellent organizational skills with the ability to multi-task,
prioritize competing demands, be versatile and action-orientedThe
expected base salary ranges from $105k-$170k. Salary offers are
based on a wide range of factors including relevant skills,
training, experience, education, and, where applicable,
certifications and licenses obtained. Market and organizational
factors are also considered. In addition to salary and a generous
employee benefits package, successful candidates are eligible to
receive a discretionary bonus.#LI-HybridOther requirementsMizuho
has in place a hybrid working program, with varying opportunities
for remote work depending on the nature of the role, needs of your
department, as well as local laws and regulatory obligations. Roles
in some of our departments have greater in-office requirements that
will be communicated to you as part of the recruitment process
.Company OverviewMizuho Financial Group, Inc. is the 15th largest
bank in the world as measured by total assets of -$2 trillion.
Mizuho's 60,000 employees worldwide offer comprehensive financial
services to clients in 35 countries and 800 offices throughout the
Americas, EMEA and Asia. Mizuho Americas is a leading provider of
corporate and investment banking services to clients in the US,
Canada, and Latin America. Through its acquisition of Greenhill---,
Mizuho provides M&A, restructuring and private capital advisory
capabilities across Americas, Europe and Asia. Mizuho Americas
employs approximately 3,500 professionals, and its capabilities
span corporate and investment banking, capital markets, equity and
fixed income sales & trading, derivatives, FX, custody and
research. Visit www.mizuhoamericas.com.------Mizuho Americas offers
a competitive total rewards package.We are an EEO/AA Employer -
M/F/Disability/Veteran.We participate in the E-Verify program.We
maintain a drug-free workplace and reserve the right to require
pre- and post-hire drug testing as permitted by applicable
law.#LI-MIZUHO
Keywords: Mizuho Corporate Bank, Hamden , CYBER DEFENSE, ADVERSARY EMULATION, Other , New York, Connecticut
Didn't find what you're looking for? Search again!
Loading more jobs...