Skip to main content

Cybersecurity Threat - Program Manager

Apply Now Full Job Title: Cybersecurity Threat - Program Manager Job Number: R2207-32613 Location: Baltimore, Maryland; Irving, Texas; Charlotte, North Carolina; Evansville, Indiana; Fort Worth, Texas; Wilmington, Delaware Date Posted: 07/25/2022

We are currently seeking a Cybersecurity Threat Manager that will drive the reduction of organizational risk.  They will define and monitor active threats against the company, create threat products for leadership including actor dossiers, track active campaigns, and work across the Cybersecurity space to remediate issues. The ideal candidate will understand technical details of the organization, the underlying infrastructure, drive to implement compensating controls for all defined risks, and communicate the security posture to senior leadership. They will collaborate closely with external partners, security architecture teams, risk and cyber centric security teams, other internal stakeholders, and key leaders to empower the business.

This candidate will report to the Threat and Vulnerability Management Program Director in the Cyber Risk Organization. You will be challenged to excel with exciting and challenging opportunities daily.  There is transparency and great support from management teams to allow team members to be effective, grow their careers and meet company goals.  Hard work and initiative are rewarded and recognized by management and colleagues alike, which promotes a culture of respect and value across the organization.  Within the Cybersecurity Risk team, you will be conducting meaningful work and making a difference in the lives of OneMain’s customers and team members by promoting a cybersecurity culture, optimizing cybersecurity capabilities, and protecting data.

Key Responsibilities:

  • Develop and communicate threat intelligence products including threat assessments, threat actor dossiers, and campaign coordination and tracking

  • Plan, design, and lead penetration tests and security assessments in conjunction with the Cybersecurity Threat Intelligence team and drive remediation to findings with the owning service teams

  • Conduct forefront research on relevant vulnerabilities, threat actors, indicators of compromise (IOCs) tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest.

  • Assist with Cybersecurity risk protection, threat intelligence, and social media monitoring utilizing OSINT, deep/dark web sources, industry tools, and MITRE ATT&CK Framework to monitor cyber and physical security risks and provide actionable intelligence

  • Maintain thorough documentation of cyber threats, threat vectors, threat actors, and threat trends for consumption during threat modeling activities and security incidents

  • Advanced communication skills are required. Be able to tell impact statements with data and create meaningful metrics and writing executive style reporting

  • Must build and maintain strong working relationships with partner teams

  • Monitor progress of key projects, manage risk, and inform key stakeholders

  • Assist in creating security awareness training and education programs

  • Work with other industry experts on learning, exploring, and adapting new best practices

  • Escalate issues appropriately and in a timely fashion with minimal supervision

  • Work with audit and compliance on needed artifacts to meet contractual and regulatory needs

  • Foster an innovative and inclusive team-oriented work environment. Play an active role in counseling and mentoring consultants and Principal Consultants

  • Provide constructive on-the-job feedback and coaching to team members

Desired Skills and Experience

  • Bachelor's degree and approximately 5-7 years of related work experience; or a graduate degree and approximately 4-5 years of related work experience

  • Knowledge of general security concepts and methods such as vulnerability assessments, data classification, privacy assessments, incident response, architectures, or governance.

  • Strong business acumen, project management expertise and understanding of the Services organization, in particular the Technical Community this role supports but also beginning to understand the other Technical Communities.

  • Understanding of malicious adversaries, threat groups, and campaigns, indicators of compromise (IOCs), and highly granular tools, techniques, and procedures (TTPs)

  • Ability to maintain confidentiality while dealing with sensitive information

  • Strong communicator both written and verbal

  • Relevant certifications such as SANS GIAC Cyber Threat Intelligence (GCTI) are a plus

  • Strong leadership, problem solving and critical thinking skills. Ability to prioritize and In-depth understanding of latest security principles and protocols

  • Strong work ethic, excellent use of discretion and judgment

Cybersecurity Risk, a team within OneMain’s Enterprise Risk Management organization, is a fast-growing team focused on providing expert insight into risk, developing team members, and effective oversight of cybersecurity and technology risk. This is a team where you can work with great team members across the Cyber Risk, Cyber Tech, Risk Management, and Technology organizations. You will be challenged to excel with exciting and challenging opportunities daily. There is transparency and great support from management teams to allow team members to be effective, grow their careers and meet company goals. Hard work and initiative are rewarded and recognized by management and colleagues alike, which promotes a culture of respect and value across the organization. Within the Cybersecurity Risk team, you will be conducting meaningful work and making a difference in the lives of OneMain’s customers and team members by promoting a cybersecurity culture, optimizing cybersecurity capabilities, protecting data, and developing cyber resilient programs.

Note: Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.

Benefits:

Because we want our team members to bring us their very best every day, we believe they deserve the right opportunities and benefits. That’s why we packed our comprehensive benefits package for full- and some part-timers with:

  • Health and wellbeing options for team members and their dependents

  • Up to 4% matching 401(k)

  • Tuition reimbursement

  • Continuing education

  • Bonus eligible

  • Paid time off

  • Paid volunteer time

  • And more

Our Company:

OneMain Financial is the country’s largest lending-exclusive financial company, a trusted name in lending for over 100 years. Since 2005 alone, we have looked beyond customers credit scores to lend more than $152 billion to 16.2 million people looking for simple, affordable loans.

With branches across 44 states, we're proud partners of the families and communities we serve. They turn to us to help meet important financial needs, including debt consolidation, medical expenses, household bills and auto purchases. It’s all about doing the right thing – a mission that hasn’t changed for more than 100 years.

#LI-EK1

#LI-Remote

OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) and Affirmative Action (AA) employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.

Start Looking For Your Ideal Position. Search Jobs

Join Our Talent Community

Sign up here for job alert emails and SMS messages from OneMain Financial Recruiting.