Job Abstract

The Technical Security Lead will support the protection of our information assets from intentional or unintentional exposure, modification destruction, or denial of access by identifying potential security breaches in a timely and accurate fashion as well as managing the environment and controls within the environment. This role is the ultimate expert within UHM’s security operations teams and will need to be both an expert in multiple security domains and a resource for other IT staff. This person is as comfortable with encoded PowerShell as they are with presenting complex security concepts in an easily understood manner.

At UHM, we understand diversity comes in many different forms. It’s our commitment to improve inclusion in the workplace through programs and policies that establish a positive and inclusive environment where every Partner, regardless of their background, can grow and excel. We value diversity, educate on equity, and create inclusive partner opportunities to ensure that you know #UBelongAtUHM!

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Support IT teams with best practices around systems design, hardening, encryption, data protection, and authentication.
• Design, implement and maintain the technical security controls including SIEM, EDR, Cloud security, vulnerability management, and Email protection.
• Work cooperatively with the infrastructure team to maintain and harden the operating environment.
• Build out relevant KRI and KPI metrics.
• Develop and Define a Threat Intelligence function within UHM.
• Engage with industry peers to facilitate the responsible sharing of intelligence (TTP’s, IOC’s)
• Monitor and investigate the organization’s network, user traffic and related logs for anything that negatively impacts confidentiality, availability, and integrity of company assets.
• Assists the team with expertise in the realm of threat detection and disruption.
• Leading the SOC including maintaining playbooks and incident response plans
• Ownership of enterprise Incident Response program including managing communication with stakeholders through the incident lifecycle
• Demonstrates advanced-level knowledge of cybersecurity events, threats, and actors including trends and emerging risks, and their impact on financial institutions and mortgage banks.
• Researches, prepares, and presents analysis & recommendations regarding cyber threats, threat vectors, threat actors and threat trends to senior IT leadership.
• Responsible for the operation, monitoring, and maintenance of the security controls in the environment
• Continually update or improve the threat intelligence automation processes, collection methods and analytical capability
• Responsible for leading all legal and HR requested investigations.
• This role is part of the security leadership team responsible for collaboratively delivering a comprehensive security program to UHM.

EDUCATION & EXPERIENCE

• Bachelor’s degree in computer science, Computer security, or equivalent
• Relevant certifications such as CISSP preferred.
• 10+ yrs. progressive experience in a response or threat intelligence role
• Experience with either AWS or Azure cloud services.
• Previous experience within a SOC environment highly preferred
• Experience with Windows and Linux operating systems both desktop and server.
• Previous experience working with and authoring scripts in Python, PowerShell, and exposure to or knowledge of REST API and JSON batching and workflow automation.
• Experience with TheHive/Cortex, Carbon Black, Security Onion, Rapid7, and Proofpoint preferred.

SKILLS

• Working understanding of information security and data privacy concepts in a cloud first environment.
• Expert knowledge of networking and operating system fundamentals including logging and event generation.
• Expert knowledge of scripting in relation to security content creation (Python, PowerShell, bash, etc.)
• Advanced knowledge SIEM, EDR, HIDS, SOAR etc.
• Expert knowledge of attack vectors and attack modeling with the AT&CK framework.
• Expert knowledge of Elastic Search, Splunk, ArcSight or other loggers and SIEM solutions
• Expert knowledge of incident response and incident handling concepts.
• Expert knowledge of cyber security breach detection and remediation activities.
• Excellent analytical and critical thinking skills.
• Familiarity with information security standards and frameworks; e.g., ISO 27001, PCI-DSS, NIST CSF.
• Ability to communicate clearly and present security findings with technical and non-technical colleagues and management.
• Ability to work with highly confidential information.
• Sensitivity to accuracy, timeliness, and professionalism.

Any Partner whose home zip code is within a 30-mile radius of the Corporate Campus (8241 Dow Circle West, Strongsville, OH 44136) are required to work from the Corporate Campus a minimum of 4 days per week.

This employer participates in E-Verify. If hired, the employer will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

Union Home Mortgage Corp. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.