Security Engineer - Red Team Security Engineer - Red Team …

State Street Corporation
in Quincy, MA, United States
Permanent, Full time
Be the first to apply
State Street Corporation
in Quincy, MA, United States
Permanent, Full time
Be the first to apply
State Street Corporation
Security Engineer - Red Team
The Security Engineer will act as a member of the Control Assessment and Testing Team (CATT) within the Corporate Information Security (CIS) and will serve as an advisor on technical and policy matters, involving the security of information systems.

The Security Engineer will conduct comprehensive assessments of the operational and technical security controls used by an enterprise applications and critical infrastructure. These assessments help determine the overall effectiveness of the controls and the extent to which they are implemented adequately and correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. The Security Engineer will interact directly with Application and Infr astruct ure SMEs, Program Management, Information Security Officers (ISOs) and System Owners. Application of technical expertise and a comprehensive understanding of the related IT controls are required, but not limited to the following areas: Access and Au thentication, Data Security, Secure Software Management, Infrastructure Operations, Network Edge Protection, and Vulnerability Management.

Responsibilities: 
  • Perform network penetration, web, mobile and business application testing, threat analysis, wireless network assessments, OT/IoT security assessments, and social-engineering on a wide variety of high or critical business so lutions that include but are not limited to software, hardware, networks, and mobile devices as well as complex solutions that may include any number of the above configurations.
  • Develop, identify, and safely utilize attacker tools, tactics, and procedures in a busy financial production setting.
  • E nsure compliance of system and application security in accordance with corpor ate security practices/guidelines and relevant technology standards. 
  • Develop scripts, tools, or methodologies to enhance red team processes
  • I dentifying control gaps and work with application SMEs to provide actionable risk remediation activities and timelines. 
  • P repare final security assessment reports containing the results and findings from the assessment. 
  • Iteratively enhance the overall assessment processes . Follow and advance the security risk assessment methodology 
  • Effectively communicate findings and remediation strategies of findings to stakeholders including technical staff, executive leadership, risk management, and internal/external audit teams.
  • Educate users /colleagues on information security topics such as policies, standards, guidelines and best practices

Minimum Requirements: 
  • Expertise in Windows, Linux, and Networking 
  • Knowledge of general security concepts, such as defense-in-depth, MITRE ATT&CK framework, and security architectures
  • Strong knowledge of security controls in AWS and Azure cloud platforms
  • Experienced in utilizing various SIEM (e.g. ArcSight, Splunk) and EDR tools for threat hunting
  • Proficiency with python and powershell scripting
  • 3-5 years of Penetration Testing and Security Asses sments 
  • 3-5 years of Cybersecurity 
  • 3-5 years of Vulnerability Scanning 
  • Education: Bachelor's 
  • Licensing: CISSP, OSCP, CEH, or equivalent

Company Overview

From technology and product innovation to corporate responsibility and community development, we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people - strengthening markets, building communities and creating opportunities for growth.

We owe that longevity to the commitment, expertise and creativity of our employees. Our continued success depends on our ability to attract and develop the best talent in the industry. That's why we're keenly focused on employee development, corporate citizenship and inclusion.

For us, success comes in the mark we make as an organization - for the industry, our clients, our communities and each other.

State Street Corporation logo
More Jobs Like This
See more jobs