Cybersecurity Threat - Program ManagerApply Now Full Job Title: Cybersecurity Threat - Program Manager Job Number: R2207-32613 Location: Baltimore, Maryland; Irving, Texas; Charlotte, North Carolina; Evansville, Indiana; Fort Worth, Texas; Wilmington, Delaware Date Posted: 07/25/2022
We are currently seeking a Cybersecurity Threat Manager that will drive the reduction of organizational risk. They will define and monitor active threats against the company, create threat products for leadership including actor dossiers, track active campaigns, and work across the Cybersecurity space to remediate issues. The ideal candidate will understand technical details of the organization, the underlying infrastructure, drive to implement compensating controls for all defined risks, and communicate the security posture to senior leadership. They will collaborate closely with external partners, security architecture teams, risk and cyber centric security teams, other internal stakeholders, and key leaders to empower the business.
This candidate will report to the Threat and Vulnerability Management Program Director in the Cyber Risk Organization. You will be challenged to excel with exciting and challenging opportunities daily. There is transparency and great support from management teams to allow team members to be effective, grow their careers and meet company goals. Hard work and initiative are rewarded and recognized by management and colleagues alike, which promotes a culture of respect and value across the organization. Within the Cybersecurity Risk team, you will be conducting meaningful work and making a difference in the lives of OneMain’s customers and team members by promoting a cybersecurity culture, optimizing cybersecurity capabilities, and protecting data.
Develop and communicate threat intelligence products including threat assessments, threat actor dossiers, and campaign coordination and tracking
Plan, design, and lead penetration tests and security assessments in conjunction with the Cybersecurity Threat Intelligence team and drive remediation to findings with the owning service teams
Conduct forefront research on relevant vulnerabilities, threat actors, indicators of compromise (IOCs) tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest.
Assist with Cybersecurity risk protection, threat intelligence, and social media monitoring utilizing OSINT, deep/dark web sources, industry tools, and MITRE ATT&CK Framework to monitor cyber and physical security risks and provide actionable intelligence
Maintain thorough documentation of cyber threats, threat vectors, threat actors, and threat trends for consumption during threat modeling activities and security incidents
Advanced communication skills are required. Be able to tell impact statements with data and create meaningful metrics and writing executive style reporting
Must build and maintain strong working relationships with partner teams
Monitor progress of key projects, manage risk, and inform key stakeholders
Assist in creating security awareness training and education programs
Work with other industry experts on learning, exploring, and adapting new best practices
Escalate issues appropriately and in a timely fashion with minimal supervision
Work with audit and compliance on needed artifacts to meet contractual and regulatory needs
Foster an innovative and inclusive team-oriented work environment. Play an active role in counseling and mentoring consultants and Principal Consultants
Provide constructive on-the-job feedback and coaching to team members
Desired Skills and Experience
Bachelor's degree and approximately 5-7 years of related work experience; or a graduate degree and approximately 4-5 years of related work experience
Knowledge of general security concepts and methods such as vulnerability assessments, data classification, privacy assessments, incident response, architectures, or governance.
Strong business acumen, project management expertise and understanding of the Services organization, in particular the Technical Community this role supports but also beginning to understand the other Technical Communities.
Understanding of malicious adversaries, threat groups, and campaigns, indicators of compromise (IOCs), and highly granular tools, techniques, and procedures (TTPs)
Ability to maintain confidentiality while dealing with sensitive information
Strong communicator both written and verbal
Relevant certifications such as SANS GIAC Cyber Threat Intelligence (GCTI) are a plus
Strong leadership, problem solving and critical thinking skills. Ability to prioritize and In-depth understanding of latest security principles and protocols
Strong work ethic, excellent use of discretion and judgment
Cybersecurity Risk, a team within OneMain’s Enterprise Risk Management organization, is a fast-growing team focused on providing expert insight into risk, developing team members, and effective oversight of cybersecurity and technology risk. This is a team where you can work with great team members across the Cyber Risk, Cyber Tech, Risk Management, and Technology organizations. You will be challenged to excel with exciting and challenging opportunities daily. There is transparency and great support from management teams to allow team members to be effective, grow their careers and meet company goals. Hard work and initiative are rewarded and recognized by management and colleagues alike, which promotes a culture of respect and value across the organization. Within the Cybersecurity Risk team, you will be conducting meaningful work and making a difference in the lives of OneMain’s customers and team members by promoting a cybersecurity culture, optimizing cybersecurity capabilities, protecting data, and developing cyber resilient programs.
Note: Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.
Because we want our team members to bring us their very best every day, we believe they deserve the right opportunities and benefits. That’s why we packed our comprehensive benefits package for full- and some part-timers with:
Health and wellbeing options for team members and their dependents
Up to 4% matching 401(k)
Paid time off
Paid volunteer time
OneMain Financial is the country’s largest lending-exclusive financial company, a trusted name in lending for over 100 years. Since 2005 alone, we have looked beyond customers credit scores to lend more than $152 billion to 16.2 million people looking for simple, affordable loans.
With branches across 44 states, we're proud partners of the families and communities we serve. They turn to us to help meet important financial needs, including debt consolidation, medical expenses, household bills and auto purchases. It’s all about doing the right thing – a mission that hasn’t changed for more than 100 years.
OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) and Affirmative Action (AA) employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.