As long as there are people who make the world a better place, we’ll keep making a difference for them. Since 1918, it has been TIAA’s mission to serve those who serve others. It is this mission and the values we embrace that make us a different kind of financial services organization.
When you work here at TIAA, you’re not just in it for yourself. You are part of something bigger. A collective mission to make a difference – a collective mission we make our own.
To be difference makers.
For more information about TIAA, visit our website.
The TIAA Cybersecurity - Threat Management Operations team is seeking an experienced security analyst to participate in the team's day-to-day operations. The incumbent will be responsible for creating custom intrusion detection rules inside various security appliances (host-based and network-based) and for coordinating across teams and organizations to get visibility into threats and exploitation of vulnerabilities. Other duties consist of setting up and participating in threat hunting exercises to find unknown threats, gaps, and areas to improve our detections and visibility. Lastly, the role includes hardening and optimizing the usability of our existing security tools.
KEY RESPONSIBILITIES AND DUTIES:
- Manage the Threat Management Policy Working Group, which drives and governs custom blocking and detection policies and rules in various security technologies, including proxy technology, endpoint technology, and deep packet analysis technology.
- Develop detailed and specific custom detection/blocking rules in a development environment and facilitate testing for various security technologies.
- Actively hunt for and analyze previously unidentified threats in the environment. This includes coordinating with various teams for their participation and help running hunting exercises.
- Assist in optimizing our existing security tools.
- Develop and maintain standard operating procedures and other documentation to reflect day-to-day security operations.
- Train, mentor, and assist in the development of other security analysts within the Detection & Response Team.
- Minimum 4 years of relevant work experience in Information Technology and/or Information Security
- Minimum 2 years of penetration testing experience
- Minimum 1 year of Splunk experience
- Knowledge of operating systems, networking protocols, and ability to understand pcaps
- Experience with enterprise information security data management and log aggregation tools
Desired Skills (preferred, not required):
- 5+ years information security experience and mentoring experience is preferred.
- Bachelor’s degree in computer science, information technology, or related field is preferred, but not required.
- Industry-recognized information security certifications are preferred, but not required.
- Experience creating new security alerts, reports, or other monitoring capabilities.
- Experience in scripting languages such as (or similar to) Python, Perl, and Ruby.
- Previous experience in other information security roles, such as penetration testing, intelligence, content development, or incident response.
- Must have strong verbal and written communication skills, with equally strong multi-tasking and documentation skills.
Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the Equal Employment Opportunity Law.
If you need assistance applying due to being visually or hearing impaired, please email Careers Help.
This organization is an equal employment opportunity (EEO) employer, dedicated to maintaining a work environment free of bias, harassment, discrimination and retaliation. As an EEO employer, this organization expressly prohibits discrimination, harassment, and retaliation on the basis of race, creed, ethnicity, color, age, religion, sex, sex stereotype, pregnancy (including childbirth, breastfeeding or related medical conditions where applicable), sexual orientation, gender, gender identity, gender expression, transgender, marital status, national origin, ancestry, physical or mental disability, requesting a reasonable accommodation based on mental or physical disability, medical condition (as defined by applicable law), genetic history and information, citizenship status, military or veteran status, or any other status protected by federal, state, or local law or ordinance or regulation (collectively referred to here as ‘protected characteristics’).
©2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017