StPaulRecruiter Since 2001
the smart solution for St. Paul jobs

Cybersecurity Consultant- Incident Mgmt and Forensics

Company: Securian Financial
Location: Saint Paul
Posted on: June 12, 2021

Job Description:

  • Securian Financial Groups internal position title is Info Security Consultant

Position Summary:

The Incident Management and Forensics (IMF) team is a part of the Enterprise Cybersecurity Solutions organization. It is tasked with the identification and investigation of suspicious activity in Securian's environment, triggering further response to cybersecurity incidents.

We are looking for someone with a curious mindset, someone willing to dig into problems until they are satisfied with a result. Someone who works well with others to elevate the team. A self-driven investigator who will provide defense against those who wish to use Securian's technology to do the company harm.

We are committed to continuous growth and learning opportunities, and constantly improve our practices to achieve our goals. We provide extensive/ongoing training from industry leading organizations. This job is a more senior level position in the CyberOps area, which is part of the larger Enterprise Cybersecurity Solutions organization.

Responsibilities include but not limited to:

  • Creating alerts. Utilizing logs from various security tools, IMF team members work with our SIEM team to develop appropriate security monitoring for both on premise and cloud solutions.
  • Responding to alerts. Leveraging both internal cybersecurity incident detection and a third-party security provider to monitor activity in our environment, the IMF reviews activity alerts to determine if they are suspicious or malicious.
  • Managing cybersecurity incidents, lead the efforts of our overall Cybersecurity Incident Response team (CSIRT).
  • Investigating potential indicators of compromise gathered via cyber threat intelligence. As intelligence is gathered from outside sources, the IMF evaluates that intel to determine if there is a risk to Securian's data or business.
  • Malicious email response. The IMF monitors and collects information about malicious email and responds appropriately to protect Securian from malware and phishing campaigns.
  • Managing the application whitelisting tool. The IMF manages the approval of non-standard applications brought into our environment and confirms the safety of these apps.
  • Reporting on malicious activity attempted against Securian.
  • Continuous process improvement along with automation and orchestration for incident identification and response processes.
  • Learning and understanding common attack techniques and how to defend against them.

IMF associates partner with many different areas of the Enterprise Technology organization at Securian Financial. These tasks include:

  • Leading incident management via the matrixed CSIRT team. Each incident's CSIRT team is created for that incident and includes associates from any and all Enterprise Technology teams necessary.
  • Creating runbooks for new alerts generated with members of the Security Information and Event Management (SIEM) team.
  • Collaborating with the internal Red Team to develop training exercises and skill testing.
  • Working with the Cyber Threat Intelligence and Vulnerability Management teams to assess and remediate threats and vulnerabilities facing our company.

Qualifications:

  • Excellent written and verbal communication skills, analytical ability, and the ability to work effectively with both technical and management associates
  • A strong collaborative, team first mentality
  • A desire to learn and develop cybersecurity skills
  • 4-year degree in Computer Science or related field or commensurate experience.
  • A strong understanding of core networking concepts
  • A minimum of 5 years in technology or application development with knowledge of a variety of applications, technology platforms, and operating systems.
  • Conceptual and practical understanding of IT infrastructure designs, technologies, products, and services.

Preferred Qualifications:

  • Training or experience in scripting or software development with Java, C++, Python, or PowerShell
  • Familiarity with software deployment pipelines/cloud
  • GSEC, GCIH or equivalent certification
  • AWS certifications

Securian Financial has been around for nearly 140 years. We're committed to giving back to our community, donating 15,000 employee volunteer hours this past year. We also provide extensive resources to our employees for professional development and growth and a number of diverse professional and social opportunities throughout the company. There's a reason our employees have voted us as a best place to work year after year! In addition:

  • Generous paid time off. We want you to take time off for whatever matters most to you!
  • Tuition reimbursement program. We value continuous learning at Securian!
  • Company-funded pension plan as well as 401K retirement plan - great resources to secure your financial future.
  • Continuous opportunities for new challenges.
  • Variety of health plan options as well as dental and vision plans.
  • Paid maternity/paternity leaves.

Physical job requirements:

Physical Job Requirements

  • Ability to utilize keyboard, mouse and computer for up to 8 hours per day
  • Ability to work at least 40 hours per week
  • Ability to utilize telephone for up to 8 hours per day
  • Ability to perform grasping tasks throughout the entire work day (examples: handwriting, grasping of equipment/machines, paper manipulation, sorting, folding, handling stacks of paper)

The physical job requirements described above are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of jobs.

Equal employment opportunity:

Securian Financial Group, Inc. does not discriminate based on race, color, creed, religion, national origin, sex, gender identity, sexual orientation, age, marital or familial status, pregnancy, disability, genetic information, political affiliation, veteran status, status in regard to public assistance, status in a local human rights commission, or any other status or condition protected by local, state or federal law. If you are a job seeker with a disability and require an accommodation to apply for one of our jobs, please contact us by telephone 651-665-5522 (voice), 711 (telecommunications relay), or by email at EmployeeRelations@securian.com

For all inquiries about this position, please apply directly on our website or contact us at employment@securian.com for further questions.

As a full-time associate, you will be eligible for the full range of Company benefits which include life insurance, medical and dental coverage, retirement plan, profit sharing plan, paid vacation and personal time, flexible spending accounts (use of pretax dollars for dependent care, dental and medical expenses not covered under your medical plan), etc.

Securian Financial Group, Inc. does not discriminate based on race, color, creed, religion, national origin, sex, gender identity, sexual orientation, age, marital or familial status, pregnancy, disability, genetic information, political affiliation, veteran status, status in regard to public assistance, status in a local human rights commission, or any other status or condition protected by local, state or federal law. If you are a job seeker with a disability and require an accommodation to apply for one of our jobs, please contact us by telephone 651-665-5522 (voice), 711 (telecommunications relay), or by email at EmployeeRelations@securian.com.

To view our privacy statement click here

To view our legal statement click here

Keywords: Securian Financial, St. Paul , Cybersecurity Consultant- Incident Mgmt and Forensics, Other , Saint Paul, Minnesota

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Minnesota jobs by following @recnetMN on Twitter!

St. Paul RSS job feeds