Job Classification:

Technology - Information Security

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability, and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions.

Your Team & Role

As a Cyber Security Operations Specialist, you would be functioning as the first line of defense for the company. This position is much more than just watching an incident queue. You will have the opportunity to develop integrations, correlations, and SIEM content to better protect the environment.

The CSOC, and the larger ISO, are dynamic teams that look for self-motivated talent, meaning the CSOC will embrace and leverage the background and abilities you offer to better the overall organization. Ideal candidates will enjoy solving complex puzzles (also known as security incidents) in a fast-paced Information Security environment. Candidates would use their background in networking, operating systems, and security tools/knowledge to not just remediate any incidents that arise but also work with the senior members of the CSOC to create custom detections, alerts, and reporting to further improve the capabilities of the CSOC. Ideal candidates are comfortable working in a potentially high stakes environment while working off potentially incomplete/not ideal information/conditions.

As this position is a mid-tier Analyst, the expectation is also to help mentor and guide the more junior Analysts, while potentially covering for the shift lead. Besides the more traditional SOC work event investigation/management, you will have the opportunity to become involved in the configuration of the tools/products used by the CSOC. You will not only join a constantly evolving team but also provide their input towards the direction of the organization. Additionally, Prudential believes in keeping up/growing the technical and soft skills of our CSOC team members as they progress.

Here is What You Can Expect on a Typical Day

• Analyze potential security incidents to resolve impact/scope of the incident.
• Follow and offer improvements to Incident Response procedures to perform preliminary log collection and incident investigations, determining the cause of the security incident, containing the threat, and building protections against future infections.
• Collaborate with technical personnel and other teams in the ISO as well as the larger organization as required to facilitate incident response and enhancing detective capabilities.
• Follow and offer improvements to critical issue procedures to counteract and contain potential threats.
• Appropriately inform and advise team/site/shift leads and managers on incidents and incident prevention.
• Document changes to and conform to existing processes related to security monitoring.
• Participate in knowledge sharing with other Analysts and amplify solutions efficiently.
• Conduct network, endpoint, and log analysis by applying various consoles on a regular basis (e.g., SIEM, IPS, firewall, EDR, advanced malware detection etc.).
• Leverage the toolset to investigate incidents using computer/network forensic techniques to reconstruct events, identify unknown intrusions using indicators of compromise as well as identify and track any lateral movement.
• Work closely with team members, management, and other IT teams (Workstation, Network, Server, etc.).
• Maintain the integrity and security of enterprise-wide cyber systems and networks by coordinating resources during enterprise triage/incident response efforts.
• Apply an understanding of attack signatures, tactics, techniques, and procedures associated with advanced threats, while using security domain knowledge to improve Prudential’s defenses/detection mechanisms.
• CSOC team provides 24x7x365 support and this role will be part of the Night Shift.

Qualifications:

• Bachelor's degree in Information Technology, Information Security, Computer Science, or a related field; or 4 years equivalent direct work-related experience in lieu of a degree.
• Experience (3+ yrs.) in a corporate IT environment in addition to a degree.
• IT Security certifications (e.g., Security+, GSEC, GCIH, GMON, GCTI, GNFA, GCWN, GREM, OSCP etc.).
• Direct background or experience working in a SOC or other Cyber Security Operations.
• Exposure to/ knowledge of SIEM technology, preferable Splunk (ES & Phantom).
• Understanding of IT Security practices/programs.
• Documentation/process experience in IT or Cyber Security.
• Effective oral and written communication skills as well as problem solving & analytical skills.
• A deep understanding of networking concepts and tools.
• Innovative and willing to raise unique/original ideas.
• Teammate that can work with businesses around the world in different time zones and with a diverse cultural background while being supportive of local customs.
• Proven passion about the information security field and cyber defense including commitment to training, self-study, and maintaining proficiency in the technical cyber security domain.
• Automation experience and scripting background (Python, PowerShell, bash, etc.) is a huge plus.
• Familiarity with sandboxing solutions and malicious file analysis.
• Prior exposure/experience with Cyber Threat Intelligence is a plus.

Note: Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $97,300.00 to $144,900.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills. Roles may also be eligible for additional compensation and/or benefits. Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. In addition, employees are eligible for standard benefits package including paid time off, medical, dental and retirement.