Prudential

Lead, Attack Surface Management Reporting & Risk-Based Orchestration

Prudential, Newark, New Jersey, US, 07175


Job Classification: Technology - Information Security

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions.

Your Team & Role

As a Lead, Attack Surface Management Reporting & Risk-Based Orchestration on the Attack Surface Management team, you will partner with IT Operational Risk teams, the Chief Data Office, Chief Technology Office service delivery teams and other ASM leaders to provide technical expertise and solutions across the full lifecycle of vulnerability management. This includes asset management, scanning, threat intelligence, analysis, reporting, and integration of your solutions. This role will also require you to partner with stakeholders to support the implementation and alignment of operational best practices. You will need to own tasks and project workstreams, perform analysis and diagnosis of issues related to technology configuration, setup, procedural and/or process challenges, and contribute to deliverables. You will have the opportunity to work on significant and unique challenges where analysis of situations and data requires an evaluation of intangible variables which may impact future concepts, products, or technologies to ensure the security of our products and customers! In addition to software engineering skills and advanced operational experience, you will bring excellent problem solving, communication, and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.

Here is What You Can Expect on a Typical Day

- Manage the day-to-day Operations team work, while guiding and transferring knowledge to more junior team members. Guide teams through project work, goals, and alignment of tasks to deliver objectives and meet commitments.
- Function as the subject matter expert on workflow orchestration tools, processes, and capabilities critical to the Attack Surface Management team. Create workflows to resolve business use cases. Collaborate with stakeholders to understand requirements and design capabilities specific to different stakeholder personas (remediation owner, GRC, business owner, service delivery, vulnerability management).
- Design the system to support optimized lifecycle management processes across multiple assessments (manual and automated). Design the system for scale (via APIs integrated with assessment tools) and automate as much capability as feasible to enable self-service.
- Develop and implement detailed technical and configuration specifications to enable the system to support lifecycle management of the various ASM functions (vulnerability management, penetration testing, OSS vulnerability management, EOL management, container vulnerability management, configuration baselines/compliance monitoring, IaC, etc.).
- Support product management of the orchestration tools used by ASM, such as the ServiceNow Vulnerability Response (VR) and Configuration Compliance (CC) modules, including design, configuration/development and operational support.
- Enable UX/UCD (user-focused design) to reduce friction in managing remediation efforts, and support clear risk-based prioritization and self-service.
- Function as the escalation point for all Security Operations daily operational and maintenance work, as well as project work from more junior staff on the team.
- Leverage ASM tool/process-specific knowledge to resolve complex technical/process/people problems the team faces.
- Leverage organizational and industry knowledge to bridge gaps between the ASM teams (Offensive/Product Security, Application Security, VM and Compliance Monitoring) and internal IT/business teams to ensure the team has the information and resources they need to meet team goals. Ability to innovate and think broadly across multiple platforms is required.
- Partner with leadership to set direction for the future of the Attack Surface Management reporting & risk-based orchestration program, while maintaining an accurate understanding and in-depth knowledge of daily operations to provide ASM orchestration and integration recommendations.
- Validate reporting data and metrics so that leadership receives an accurate view of risk posture, and evolve reporting as necessary. Must have a clear understanding and familiarity with the ETL processes used on source data.
- Revise processes, procedures, metrics, and documentation to continually improve orchestration and attack surface tracking capabilities.
- Ingest and maintain common vulnerability feeds from government, vendor, and open-source communities.
- Apply scripting/programming skills (e.g., Python, PowerShell, JavaScript, Glide).
- Work with IT peers and business stakeholders to ensure remediation efforts adhere to corporate standards and policies.
- Align reporting to business operational models and compliance controls (SOX, NIST CSF).
- Create team run books for the scanning and reporting processes developed. Develop and maintain integration documentation, including data flow diagrams, mapping, and technical specifications.
- Design, configure, and support data integrations (using REST APIs, or creating integration points beyond those directly supported by vendors) for Qualys, Wiz, Threat Intelligence, Xray, HackerOne, Checkmarx, GitHub, AquaSec, NVD, JIRA, Guardium, ServiceNow Change Mgmt, etc.
- Design, configure and support Flow Designer flows and sub-flows leveraging REST APIs for data exchange. Deep understanding of Flow Designer and ability to revise as needed.
- Liaise with the CMDB team to enhance the CMDB as it relates to VR and CC data requirements.
- Enhance the reporting capability of both VR and CC as it relates to dashboards, Power BI reports, and performance analytics.
- Customize VR and CC roles and groups.
- Build a roadmap and plan to support VR and CC dependencies and upgrades.
- Monitor and troubleshoot integration and workflow issues to ensure system reliability and performance.
- Ensure data security and compliance with relevant regulations and standards during integration, development, and process workflow design.

The Skills & Expertise You Bring

- Bachelor of Computer Science or Software Engineering, or experience in related fields.
- Systems thinking to align system design and operational capabilities.
- Ability to coach others with minimal guidance and effectively leverage diverse ideas, experiences, thoughts, and perspectives to the benefit of the organization.
- Experience with agile development methodologies and Test-Driven Development (TDD).
- Knowledge of business concepts, tools and processes that are needed for making sound decisions in the context of the company's business.
- Ability to learn new skills and knowledge on an ongoing basis through self-initiative and tackling challenges.
- Experience in data engineering to correlate and map complex data sources into a data-driven process that drives focused prioritization.
- Excellent problem solving, communication, and collaboration skills. Ability to think creatively, innovate and challenge status quo processes or procedures.
- Following SDLC processes, ability to customize watch topics, assignment rules, grouping rules, risk calculator rules, remediation target rules, auto-close and auto-delete rules, exception rules, notifications, classification rules, SLA definitions, severity/normality mapping, and background jobs.
- Design and develop solutions to enrich vulnerable items, test result records and other VR and CC tables to enhance VR and CC capabilities.
- Bring a strong understanding of relevant and emerging technologies, provide input and coach team members, and embed learning and innovation in the day-to-day.
- Leverage AI to automate remediation guidance and provide actionable reporting.
- Leverage JIRA as part of the SDLC Agile development process.
- Implement security improvements by assessing current situations, evaluating trends, and anticipating requirements.
- Significant experience and/or deep expertise with several of the following:

- Development of a risk rubric across assessment tools to support consistent, predictive analytics and prioritization.
- ServiceNow development, administration, implementation, and integration experience with core orchestration capabilities (Vulnerability Response Enterprise, including Application Vulnerability Response, Container Vulnerability Response, Patch Orchestration, Cloud Container Security, CSAM, SBOM and Configuration Compliance).
- Experience with utilizing Power BI for dashboard reporting.
- Excellent communication, presentation, writing, and documentation skills.
- Self-directed, outcome focused and with attention to detail.
- Good deductive reasoning skills and a creative thinker.
- Ability to simplify complex workflows and design solutions with an automation-first mindset.
- Ability to create queries to support data extraction, correlation and reporting.
- Candidates must have operational knowledge of the vulnerability assessment lifecycle, including identification of vulnerabilities, risk rating, threat correlation, asset-based remediation management, reporting, and exceptions management.
- Candidates must be familiar with various vulnerability and security scanning tools, and should be familiar with CVEs, CVSS, DevOps, CIS Benchmarks, OWASP, and MITRE, as well as other industry-specific vulnerability classification standards, frameworks, and best practices.

Preferred qualifications:

- CIS Vulnerability Response or CIS-Configuration Compliance certification.
- Proven experience with ServiceNow implementation.

You’ll Love Working Here Because You Can

Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. You’ll be surprised by what this rock-solid organization has in store for you.

What we offer you:

- Market competitive base salaries, with a yearly bonus potential at every level
- Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leaves of absence, such as parental and military leave
- Retirement plans: 401(k) plan with company match (up to 4%); company-funded pension plan
- Wellness Programs to help you achieve your wellbeing goals, including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs
- Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development
- Tuition Assistance to help finance traditional college enrollment toward obtaining an approved degree, many accredited certificate programs, and industry designations
- Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (beginning or end of the purchase period), after one year of service

To find out more about our Total Reward package, see our Total Rewards Brochure. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.

Note: Prudential is required by state-specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $125,000.00 to $186,100.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills. Roles may also be eligible for additional compensation and/or benefits. Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. In addition, employees are eligible for the standard benefits package including paid time off, medical, dental and retirement.
