Cyber Threat Management - Staff Specialist Information Security Engineer

Basic Information

Country

India

State

Maharashtra

City

Pune

Date Published

09-Nov-2021

Job ID

32045

Travel Amount

None

Description and Requirements

Primary Roles and Responsibilities:

•Collecting threat information from various sources including daily threat review meetings, identify the impact to BMC assets, and coordinate action plans with security teams, and other relevant stakeholders
•Provide required escalation, prioritization, and visibility of threats based on impact analysis, and validate proper mitigation controls are in place until remediation activities are complete
•Ability to collaborate extensively with asset owners to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies.
•Provide regular reports to management on the overall threat management program, and act as the point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business groups.
•Coordinate and monitor, management of vulnerabilities reported by third-party pen-tests, third-party monitoring tools, and internal audits.
•Provide leadership and direction on initiatives relating to information security and the Threat Management Program. 
•Develop, create, and drive current and new reporting methods of Intelligence analysis for the leadership team for purposes of situational awareness and making Intelligence actionable
•Initiate, and lead a threat modeling program, and participate in a Red Teaming program within BMC

Experience/ Qualifications:
•Bachelor’s/equivalent degree or higher in IT, CS, IS, with a focus in cybersecurity. Certifications a plus.
•5+ years of experience in cybersecurity or information technology security role, with specialization in cyber threat intelligence
•Demonstrated analytical skills to determine what threat and intelligence requirements can be gathered from what sources, what inferences or assumptions can be determined and project threat scenarios.
•Strong understanding of network services, vulnerabilities, and attacks. Knowledge of application exploits and vulnerabilities. Knowledge of ports and services typical in the configuration of web servers, file servers, and workstations
•Previous experience working with SIEM technologies, threat hunting, and pen-testing tools and technologies, and working with malware analysis
•Strong written, communication, and presentation skills along with the ability to work in a highly collaborative environment
•Good understanding of information security threat landscape, and prior experience with threat modeling, and use of relevant tools and technologies
•Generic understanding of security tools and services that operate at different levels delivering defense-in-depth capabilities. Knowledge of IDS/IPS, DNS, DCHP, DMZ architecture, Active Directory, Proxies, Cloud architecture technologies, and VPNs to name a few. 
•Demonstrated understanding of public cloud environments, vulnerability scanning, and configuration in such environments
•Understanding of the OWASP Top 10 vulnerabilities. Familiarity with 3rd party libraries and remediations
•Candidates must be familiar with vulnerability attributes like CVEs, CVSS, and threat detection and hunting frameworks like MITRE ATT&CK framework.
•Candidates must be familiar with OSINT and be able to leverage these tools in daily threat monitoring.


Nice to Have: 
•Understanding of IT security compliance frameworks like ISO, PCI, HIPPA, SOX
•Identifies opportunities for process and technical security improvements in the environment.
•Good deductive reasoning skills, creative thinker.
•Analytical and detail-oriented individuals must have a passion for information security, creativity to identify gaps, and initiative to find the

From core to cloud to edge, BMC delivers the software and services that enable over 10,000 global customers, including 84% of the Forbes Global 100, to thrive in their ongoing evolution to an Autonomous Digital Enterprise.
It is the policy of BMC Software to afford equal opportunity for employment to all individuals regardless of race, color, creed, sex, age, sexual orientation, national origin, disability, ancestry, citizenship status, political affiliation, religion, gender, transgender, gender identity, gender expression, marital status, status as a parent, disabled veteran or status as a protected veteran, genetic information or other factors prohibited by law, and to prohibit harassment or retaliation based on any of these factors.

If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.