Cyber Threat Detection and Response Team Specialist - CTDR
Johnston, Rhode Island
You’ll quickly learn that we’re not like other property insurance companies. We’re guided by the belief that most losses can be prevented. So we do everything we can to understand your business needs and reduce your risk.
What makes a successful candidate at FM Global? Check out the traits we’re looking for and see if you have the right mix.
- Client/Customer Focus
- Decision Quality
- Collaboration and Teamwork
- Ensures Accountability
- Change Agent
- Communicates Effectively
Hear what our employees have to say about working at FM Global
employee since 2008
WHEN YOU'RE INVESTED IN SOLVING CHALLENGES, IT HELPS TO BE WITH A COMPANY THAT INVESTS IN YOUR SUCCESS.
My parents have always instilled in me the concept of working hard, having fun, thinking long term and planning for the future. FM Global is exciting, innovative and dynamic, and with so many professional opportunities here, it's also a company where you can spend your whole career and never get bored. I remember back during one of my initial interviews with FM Global, a manager shared that over 80% of the office staff had been with the company since they graduated college. That kind of longevity is one of the reasons I decided to work at FM Global. I'm proud to work for a company that invests in its employees and trains them to be the best. The willingness to learn is universal, the exposure to knowledge is infinite and the different career paths are endless. The opportunities to think long term don't get much broader.
Your financial goals are important to us, so we offer retirement programs that reflect local policy and custom.
Your time at FM Global should be valuable and enriching, with plenty of opportunities for skills development and career growth.
Eligible employees participate in an incentive plan based on the company achieving its annual financial goals.
More information about this job:
Overview - External:
FM Global is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM Global helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.
Responsibilities - External:
FM Global is looking for an experienced and dedicated senior level cyber professional to complement and help lead our existing Cyber Threat Detection and Response Team (CTDR). The CTDR team is responsible for planning, designing, building, operating, and maintaining FM Global’s enterprise cyber threat detection and response capabilities. This includes program services such as threat intelligence, threat hunting, threat research, and content development for cyber threat monitoring platforms (SIEM/UEBA/SOAR). The successful candidate will be an experienced practitioner who has effectively developed practices as well as sustainable supporting processes to deliver these capabilities to the enterprise.
They should take pride in the quality of their work, and the effectiveness of the cyber security controls for which they are responsible.
He/she will react quickly, decisively, and deliberately in high-stress, high-impact situations and collaborate with others to understand and provide guidance surrounding these circumstances. The Senior Security Analyst will also have strong decision-making skills and the ability to implement and measure processes to show effectiveness and consistency.
Qualifications - External:
- Bachelor’s Degree in Information Security / Assurance, Computer Science, Information Technology, or a related discipline, or equivalent work experience or technical training with a non-related degree. (Related certifications such as LPT, OSCP, GWAPT, GWEB, GCIA, GSNA, GCIH, CISSP, CISM, CISA, CEH, GIAC, GPEN, GCED are a plus.)
- Minimum of five (5) years of progressive experience in cyber security or a related discipline.
Skills and Abilities:
- Strong verbal and written communication skills.
- Solid interpersonal skills.
- Ability to coordinate activities with team members and other stakeholders.
- Excellent customer service skills.
- Must have a strong work ethic, great time management skills and a positive attitude.
- Ability to work independently or on a team.
- Ability to multi-task and change priorities with effective results.
- An understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
- Working familiarity with cyber security frameworks (such as Cyber Kill Chain, MITRE ATT&CK) and experience applying those frameworks to an enterprise security program
- Experience developing meaningful metrics which demonstrate the value of cyber threat detection and response practices to the enterprise and/or provide a real time representation of the cyber threat landscape for our specific organization or industry.
- Experience using discovery/reconnaissance/OSINT tools, e.g., Nmap, BloodHound, Shodan.
- Researching attack patterns and understanding an attacker’s Tactics, Techniques and Procedures (TTPs)
- Ability to define and continuously improve processes to enhance efficient threat hunting operations.
- Configure and tune data sources (vendor-provided/third-party/open-source), rules, and alerts
- Identify visibility gaps and develop options to address them
- Experience creating automated log correlations in SIEM/UEBA to identify anomalous and potentially malicious behavior
- Provide expert investigative support for security incidents.
- Experience using online sources for reliable analysis of emerging threats
- Ability to work with the cyber threat operations and engineering team as well as other IT disciplines to design new controls and procedures to prevent future occurrences of common threats.