Threat Model Security Engineer
Ruddington, United Kingdom
Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.Company Description
Our uniqueness is that we truly celebrate yours.
Experian's culture and people are key differentiators. We take our people agenda very seriously. We focus on what truly matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. We’re an award winning organisation due to our strong people first approach.
Innovation is a critical part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Job Description
As a Security Engineer within the Threat Informed Defense (TID) Team, you'll play a pivotal role in securing our critical business applications. You'll be tasked with conducting thorough threat modelling exercises, identifying potential vulnerabilities, and enumerating relevant threat scenarios. Leveraging this information, you'll design and implement effective detection strategies that bolster our defense mechanisms against evolving cyber threats. Your work will directly contribute to the continuous improvement of our security posture, ensuring the integrity and resilience of our digital assets.
Key Responsibilities:
- Conduct comprehensive threat modelling of business-critical applications to identify potential security vulnerabilities and risks.
- Enumerate relevant threat scenarios based on structured threat intelligence, industry trends, and the evolving cyber threat landscape.
- Design and implement effective detection strategies for identified threats, focusing on minimizing potential impact and enhancing response capabilities.
- Continuously monitor and evaluate the effectiveness of implemented detections, adjusting strategies as necessary to address emerging threats and vulnerabilities.
- Participate in security incident response activities as required, providing expert analysis and recommendations for mitigating and preventing future threats.
Qualifications
Demonstrates expert technical skills in a large enterprise environment, such as:
- Demonstrable experience in cybersecurity, with a focus on building Cyber Threat Detections. This experience should encompass a broad understanding of cyber threats, defense mechanisms, and the cybersecurity landscape.
- Cyber Threat Intelligence and Threat Modeling: Demonstrated expertise in leveraging cyber threat intelligence to inform detection strategies and conduct threat modeling on critical business applications. Proven ability to design and implement effective detection mechanisms within complex IT environments using SPL, KQL and SQL.
- Knowledge of Cybersecurity Frameworks and Standards: Familiarity with common cybersecurity frameworks, standards, and best practices, including but not limited to NIST.
- Relevant Cybersecurity Certifications: Possession of relevant cybersecurity certifications (e.g., CISSP, CISM, GIAC) is highly desirable, demonstrating a commitment to professional development and expertise in the field.
- In-depth knowledge and experience in implementing the MITRE ATT&CK framework within security operations. This includes the ability to use the framework for threat modeling, detection strategy development, and enhancing overall security posture by understanding and mitigating tactics, techniques, and procedures (TTPs) used by adversaries.
Additional Information
Our uniqueness is that we truly celebrate yours.
Experian's culture and people are key differentiators. We take our people agenda very seriously. We focus on what truly matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. We’re an award winning organisation due to our strong people first approach.
Innovation is a critical part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Discover the Unexpected
Experian is the world’s leading global information services company. We’re passionate about unlocking the power of data in order to transform lives and create opportunities for consumers, businesses and society. For more than 125 years, we’ve helped economies and communities flourish – and we’re not done.
Our 21k amazing employees in 40+ countries believe the possibilities for you, and the world, are growing. We’re investing in the future, through new technologies, talented people and innovation so we can help create a better tomorrow. To do this we employ the brightest minds that share our purpose and want to make a difference.
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP GIAC Incident response MITRE ATT&CK NIST SQL Strategy Threat intelligence TTPs Vulnerabilities
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs