Applies developed subject matter knowledge to solve common and complex business issues within established guidelines and recommends appropriate alternatives. Works on problems of diverse complexity and scope. May act as a team or project leader providing direction to team activities and facilitates information validation and team decision making process. Exercises independent judgment within generally defined policies and practices to identify and select a solution. Ability to handle most unique situations. May seek advice in order to make decisions on complex business issues.
Responsibilities:
• Identifies HP security system vulnerabilities, attacks, and threats, runs analyses on security incidents and threats, and researches appropriate countermeasures.
• Uses knowledge of HP environment to scope the extent and impact of any vulnerability, attack or breach.
• Resolves HP security issues related to security vulnerabilities, incidents and threats through independent analysis and/or research.
• Develops, enhances and maintains HP’s security solutions based on HP security system analysis, research and incident resolution.
• Operates as a key team member on security teams and advises on methods to improve security solutions.
Education and Experience Required:
• Bachelor’s degree or equivalent experience will be considered.
• Technical Cyber Security Certification through one of the recognized bodies preferred: SANS, ISACA, (ICS)2, CompTIA, Cisco, CERT etc.
• Typically 4+ years of relevant experience.
Knowledge and Skills:
• Advanced Cyber and IT security knowledge.
• Advanced understanding of Cyber and IT security risks, threats and prevention measures.
• Advanced understanding of relevant programming and scripting languages (perl, python, powershell, HTML, javascript, etc.).
• Advanced security system analysis skills.
• Advanced understanding of security standards and best practices.
• Advanced risk assessment and management skills.
• Advanced understanding of networking and network security.
• Advanced understanding of network monitoring and protocols.
• Advanced understanding of one or more of the following:
o Off-the-shelf vulnerability assessment products and tools.
o Network security devices (firewalls, proxies, NIDS/NIPS, etc.).
o Platform and application-layer penetration testing techniques.
o Adversary techniques, tactics, and protocols and related countermeasures.
o Dynamic and static malware analysis techniques.
o Network security monitoring.
o Memory analysis techniques.
o Malware reverse engineering techniques.
o Digital Forensics.