Job Classification:
Technology - Information Security
Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, youll unlock an exciting and impactful career all while growing your skills and advancing your profession at one of the worlds leading financial services institutions.
Your Team & Role
As a Specialist, Cyber Security Operations- Cloud/Containers on the Attack Surface Management Team, you will partner with other security professionals across the Information Security Office, the Chief Technology Office, and other groups in Prudential to drive Prudentials Cloud security efforts across the global enterprise.
You will also support implementation and operational best practices, while owning tasks and/or project workstreams, assist and perform analysis and diagnosis of issues related to technology configuration, setup, procedural and/or process challenges, and contribute to deliverables. You will work on significant and unique issues where analysis of situations or data requires an evaluation of intangible variables and may impact future concepts, products or technologies to ensure security of our products and customers! In addition to applied experience, you will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.
Here is What You Can Expect on a Typical Day
Function as the escalation point for all Security Operations daily operational work as well as project work from more junior staff on the team
Leverage Security Operations and tool/process specific knowledge to resolve complex technical/process/people problems the team faces.
Leverage organizational and industry knowledge to bridge gaps between the Security Operations teams and internal IT/business teams to ensure the team has the information and resources they need to meet team goals.
Partner with leadership to set direction for the future of Security Operations program, while ensuring an accurate understanding and in-depth knowledge of daily operations to provide team recommendations.
Bring an applied understanding of relevant and emerging technologies, begin to identify opportunities to provide input to the team and coach others, and embed learning and innovation in the day-to-day
Validate proper mitigation controls are in place until remediation activities are complete.
Act as the point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business groups
Ensure reporting metrics relay proper risk posture to leadership and evolve as necessarysupport.
Revise processes and procedures, metrics, and documentation that continue to improve the vulnerability management capability.
Provide proof-of-concept exploits in a lab environment to demonstrate exploitability and provide validation of proposed / implemented remediation actions
Experience with common vulnerability feeds from government, vendor, and open-source communities
Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls
Understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation
Scripting / programming skills (e.g., Python, PowerShell)
Work with IT peers and business stakeholders to ensure remediation efforts adhere to corporate standards and policies
Develop security policies and compliance initiatives such as SOX and NIST
Create team run books for scanning and reporting processes developed.
Ability to collaborate extensively with engineering teams to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies.
Implement security improvements by assessing current situation, evaluating trends, and anticipating requirements.
The Skills & Expertise You Bring
Bachelor of Computer Science or Engineering or experience in related fields
Leverage diverse ideas, experiences, thoughts, and perspectives to the benefit of the organization
Experience with agile development methodologies and Test-Driven Development (TDD)
Knowledge of business concepts tools and processes that are needed for making sound decisions in the context of the company's business
Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges
Excellent communication, presentation, writing and documentation skills
Excellent problem solving, communication and collaboration skills
Applied experience with several of the following:
Identifies opportunities for process and technical security improvements in the environment
Deductive reasoning skills, creative thinker.
Analytical and detail-oriented individuals must have a passion for information security, creativity to identify gaps and initiative to find the appropriate solutions to fill needs
Understand and able to create queries to support data extraction correlation and reporting
Candidates must be skilled in vulnerability assessment, risk rating, threat correlation, asset-based remediation management, and reporting. Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment
Familiarity with various vulnerability and security scanning tools, should be familiar with CVEs, CVSS, Secunia, and Mitre as well as other industry specific vulnerability classification...

Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity