Skip to navigation
Skip to main content
Skip to footer

IS Technical Specialist(Red Team Specialist Sr) in Columbus at Huntington

Date Posted: 6/27/2018

Job Snapshot

Job Description

Brief Description:
Responsible for conducting authorized tests of the Huntington network and systems for various threats and working with the appropriate teams to implement controls to mitigate or block those threats from being exploited. The specialist will coordinate with external teams hired to conduct penetration tests for Huntington, provide insight on the Huntington technology, and liaison with other teams and leadership on testing activities and results. The incumbent will assists with tracking the gaps identified from all testing activities and working with the appropriate teams to close them.

Detailed Description:
Position is focused on challenging the information security posture of the bank, identifying potential gaps, and taking action to mitigate the issues found. Incumbent will work closely with threat intelligence analyst to monitor and test for the potential exploit of known and emerging threats. The specialists will also serve in a coordination role with external firms hired to conduct penetration tests.
* Partnering with business segments to decision a penetration test, define the control objectives to test, overseeing and guiding the test leading technical and business personnel in the remediation of any findings from the test.
* Define the scope, rules of engagement, and primary objectives for red team exercises.
* Creation, implementation and testing of logic to prevent and detect malicious actions across the Huntington network.
* Identify and integrate detective measures to better support existing components throughout the enterprise.
* Obtain control over target systems using social engineering, client-side and server-side exploits, local privilege escalation, and password attacks (guessing, cracking, sniffing, and pass-the-hash)
* Understanding the technical details of various attacks, including network, web application and wireless exploits.
* Demonstrate comprehensive understanding of varied Threat Actors, remain vigilant to their changing tactics, stay abreast of industry trends, and strategize operational enhancements to combat emerging threats.
* Ensure operational capabilities do not leave obvious traces as to the purpose of the operation and who is behind it.
* Know exactly how attackers are tracked on systems and on network resources from file system forensics, registry forensics, network forensics and artifact forensics.

Basic Qualifications:
* Bachelor's degree
* Minimum of 5 years of Information Security, Threat Intelligence, or Penetration Testing experience with focus on cyber security, incident response, cross channel fraud or related discipline.

Preferred Qualifications:
* Working knowledge of various detection and prevention systems, their capabilities and application.
* Broad knowledge of technology and how it can be exploited.
* Understand the technical details of various attacks, including network, web application and wireless exploits.
* Splunk, maltego, scripting, experience performing Hunting activities; prior experience analyzing logs, netflow and packets.
* A creative person who enjoys investigating and identifying cyber threats and taking action to prevent or mitigate those threats.
* Exceptional analytical and problem solving skills; ability to identify, escalate, investigate and resolve issues.
* Strong verbal and written communication skills; able to correspond effectively with segment risk officers, various operations teams and senior management.
* Capable of sharing knowledge, mentoring, and training other team members.
* Ability to manage and prioritize complex and occasionally competing tasks.
* Self-motivated with the ability to work independently and as a member of a team.
* CEH/CISSP certifications are a plus
* Working knowledge of consumer and commercial banking across multiple channels preferred
* Experience with reverse engineering of malware preferred

EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details. Huntington does not accept solicitation from Third Party Recruiters for any position.