Applies advanced subject matter knowledge to solve complex business issues and is regarded as a subject matter expert. Frequently contributes to the development of new ideas and methods. Works on complex problems where analysis of situations or data requires an in-depth evaluation of multiple factors. Leads and/or provides expertise to functional project teams and may participate in cross-functional initiatives. Acts as an expert providing direction and guidance to process improvements and establishing policies. May represent the organization to external customers/clients. Exercises significant independent judgment within broadly defined policies and practices to determine best method for accomplishing work and achieving objectives. Manages security incident recovery utilizing incident root cause analysis to institute new protective controls that harden systems so as to prevent re-occurrence of similar incidents. May provide mentoring and guidance to less experienced employees.

Responsibilities:

• Manage Stakeholder Relationships
• Manages mid to upper level stakeholder relationships across Cybersecurity, Information Technology, business groups, and external providers.
• Engage service delivery team
• Communicate with partners to ensure patching and policy compliance
• Continuous search and removal of any device triggering key vulnerability scans.
• Manages and proactively monitors HP security system issues and threats, runs complex analyses on security vulnerabilities, incidents and threats, and uses root cause research to inform HP’s recovery process.
• Implements, monitors, and/or manages advanced security technologies: Threat and Vulnerability Management, SIEM, Firewalls, IPS, Endpoint Protect/Detect and Response or other security related solutions.
• Monitors the outputs of security providers.
• Analyzes vulnerabilities, attacks or threats to determine risk, adversary intent, and prioritize mitigation or response.
• Testing, documenting, evaluating, remediating, and managing cybersecurity deliverables to protect HP by achieving security effectiveness, and operational efficiency.
• Owns resolution of HP security issues related to security vulnerabilities, incidents and threats by working cross-functionally with multiple partner organizations.
• Recommends containment, eradication, and recovery measures for any observed attack or breach. Combines industry expertise with a thorough understanding of information and security technology to direct development of vulnerability remediation or mitigation plans.
• Demonstrates advanced capabilities to develop custom programs, scripts, etc. enhancing off-the-shelf products or established tools.
• Recommends and coordinates the development, enhancement, organization, and maintenance of a HP’s security solutions, including research and security system analysis.  Contributes to HP’s security response, threat and resolution knowledge base by aggregating and incorporating the analyses/outputs of security professionals.
• Manages and proactively monitors HP security system issues and threats, runs complex analyses on security vulnerabilities, incidents and threats, and uses in-depth research to inform HP’s resolution process.
• Analyzes vulnerabilities, attacks or threats to determine risk, adversary intent, and prioritize mitigation or response.
• Owns resolution of HP security issues related to security vulnerabilities, incidents and threats.
• Recommends containment, eradication, and recovery measures for any observed attack or breach. Combines industry expertise with a thorough understanding of information and security technology to direct development of vulnerability remediation or mitigation plans.
• Recommends and coordinates the development, enhancement, organization, and maintenance of a HP’s security solutions, including research and security system hardening.  Contributes to HP’s security response, threat and resolution knowledge base by aggregating and incorporating the analyses/outputs of security professionals.
• Monitors the outputs of security professionals.

​Education and Experience Required:

• Bachelor’s degree required, preferably in computer science, engineering or related area of study, or equivalent experience.
• Typically 6+ years of relevant experience.

Certifications Desired:

• Technical Cyber Security Certification through one of the recognized bodies preferred: SANS, ISACA, (ISC)2, GIAC, etc.

​Knowledge and Skills:

• In-depth understanding of Cyber and IT security risks, threats and prevention measures.
• In-depth understanding of relevant programming and scripting languages (Perl, Python, PowerShell, HTML, JavaScript, etc.).
• Security system analysis skills.
• Understanding of network monitoring and protocols.

Understanding of one or more of the following:

• Off-the-shelf vulnerability assessment products and tools.
• Network security devices (firewalls, proxies, NIDS/NIPS, etc.).
• Platform and application-layer penetration testing techniques.
• Adversary techniques, tactics, and protocols and related countermeasures.
• Dynamic and static malware analysis techniques.
• Memory analysis techniques.
• Malware reverse engineering techniques.
• Digital Forensics.

General/Overall Cybersecurity Experience:

• In-depth knowledge of HP IT Infrastructure and network
• Proven enterprise-wide tool/process implementation skills
• In-depth Cyber and IT security knowledge.
• Lead internal as well as external resources.
• Be aware of necessary process development/improvement of delivery team members.
• Contributions have visible impact on HP business (cost, efficiency, Total Customer Experience (TCE).
• Excellent interpersonal, written, and oral communication skills
• In-depth understanding of security standards and best practices.
• Risk assessment and management skills.

#LI-post