Truist

Cybersecurity Engineer, ASM

Truist

full-time

Posted on:

Location Type: Office

Location: CharlotteNorth CarolinaVirginiaUnited States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AssemblyCyber SecurityFirewalls

About the role

  • The Cybersecurity Engineer (Attack Surface Management) is responsible for designing, implementing, and maturing advanced security validation capabilities to safeguard enterprise systems and applications.
  • Focuses on continuous security validation through External Attack Surface Management (EASM) tools
  • Partners with cross-functional teams to simulate real-world adversarial tactics, techniques, and procedures (TTPs)
  • Evaluate control effectiveness and recommend enhancements that align with enterprise risk management and regulatory standards.
  • Investigate and reproduce findings from EASM platforms
  • Perform Active/Passive Reconnaissance
  • Develop tuning logic for discovery seeds and asset correlation
  • Execute BAS Scenarios
  • Analyze Simulation Results
  • Provide Actionable Recommendations
  • Collaborate Across Teams
  • Leverage threat intelligence to inform EASM scenarios
  • Contribute to the identification, prioritization, and remediation of vulnerabilities
  • Maintain detailed documentation of ASM & BAS methodologies
  • Design, develop and maintain CI/CD Pipeline(s)
  • Design and Execute automation scripts

Requirements

  • Bachelor’s degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience
  • Knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
  • Previous experience in planning and managing IT projects
  • Experience with Breach and Attack (BAS) or Continuous Security Validation (CSV) tool(s)
  • Banking or financial services experience
  • Experience in designing and executing Attack Scenarios
  • Analyze Simulation Results
  • Provide Actionable Recommendations
  • Collaborate with Security Teams
  • Advanced Threat Hunting and Intelligence
  • Vulnerability Management
  • Red Teaming and Blue Teaming
Benefits
  • medical, dental, vision, life insurance
  • disability
  • accidental death and dismemberment
  • tax-preferred savings accounts
  • 401k plan
  • no less than 10 days of vacation
  • 10 sick days
  • paid holidays
  • defined benefit pension plan
  • restricted stock units
  • deferred compensation plan
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
CybersecurityExternal Attack Surface Management (EASM)Breach and Attack Simulation (BAS)Continuous Security Validation (CSV)Active ReconnaissancePassive ReconnaissanceVulnerability ManagementAutomation scriptingCI/CD PipelineThreat Hunting
Soft Skills
CollaborationActionable RecommendationsCross-functional teamworkProject managementDocumentation