This role is responsible for ensuring that cyber threat controls are appropriate, capable, optimally configured and consistent across all Group entities, and that gaps are identified and remediated through operational and investment activities.
The role is pivotal in delivering on the multi-year strategy of building a threat-informed, data-led and risk-focused security program.
As a Senior Consultant in the Threat & Adversary Mitigation team, you'd be a key person in innovating new developments in the Threat Led Defence approach to serving customers better and protecting the organization.
Day to day you will:
Actively lead and drive the development and implementation of the threat and countermeasures framework, including Intelligence-led Attack Procedures, Theoretical and Threat Attack Scenarios, ATT&CK TTP Mapping, Mitigations and Controls, to drive significant improvement of cyber defenses through the analysis, production and embedment of Defensive Requirements.
Take ownership and provide SME support for remediation and mitigation strategies for tracked adversaries and tradecraft.
Influence and drive key stakeholders including senior management, Strategy and Architecture, support teams, third parties and vendors to ensure a defensible architecture.
Produce reporting on countermeasure effectiveness, ineffectiveness and ROI commensurate with Threats.
Establish and lead attack simulation capability and mitigation metrics, to drive significant improvement of cyber defences.
Perform deep dive investigations into potential high-risk exposure areas.
Lead periodic review of countermeasures and threat scenarios, including detailed configuration of security controls to ensure optimal defensive posture.
Proactively identify improvements in countermeasures to prevent, and be able to respond to, successful attacks.
Partner with Threat & Vulnerability Intelligence, Red Team, Cyber Detection and Response and other operational teams to automate adversary simulation and test countermeasure effectiveness.
Engage and influence across the enterprise at executive level to advance Cyber Posture.
Establish strong external relationships and network with peer organizations across public and private sector.
Lead day-to-day activities for the threat adversary mitigation team.
Operationalise the threat-led Risk framework as it pertains to adversary mitigation analysis activities.
Produce clear and accurate reporting for stakeholders.
Assist with incident response where required by leadership.
What you'll bring to the team:
A unique combination of engineering acumen plus a combination of CTI, Offensive Security and a Cyber Defence mindset.
Experience in CTI/SOC in large, complex enterprise environments is an advantage.
Familiarity with common security and threat frameworks, taxonomies and ontologies such as NIST CSF, NIST SPs, MITRE ATT&CK, STIX, VERIS, MITRE D3FEND, MITRE Engage etc.
Excellent communication, stakeholder management and influencing skills.
Disciple of a data-driven, threat-led, risk-averse approach to Cyber Security.
A battle-tested, seasoned cyber security professional.
Executive relationship management and an influential communicator/storyteller.
Able to Coach, Mentor, Inspire and Develop teams.
Possesses a curiosity-driven security research mindset.
Designing/Architecting enterprise-grade security solutions.
Versed in Threat Detection schools of thought.
A decent "Hacker" - versed in various offensive security tradecraft and research.
Understanding of the threat intelligence lifecycle and the production of actionable intelligence.