Vacancy expired!
The Product Threat Intelligence Specialist is a key member of the Cyber Security & Compliance organization to monitor internal and external security threats and risks, provide in-depth analysis, and remediate to return Hertz to normal business operations. This role is dedicated to the research and analysis of threats affecting our Electric Vehicles products and applications for the enhancement of existing solutions and to fulfill new security and compliance requirements. This role has an impact on our security and reduces risk to the company and our customers by protecting Hertz assets and data. Product Threat intelligence Specialist Conduct all-source analysis targeting to identify, monitor, assess and counter the threats posed by criminal cyber actors.
Architects, designs, implements, maintains and operates information system security controls and countermeasures.
Products and Applications Threat Modeling and Vulnerability Assessments
Provide technical deep understanding of security systems at different layers. Such as network, cloud, endpoint, advance malware defense, data security etc. But overall focus on cloud security on AWS, Azure, and GCP.
Security Testing Proof-of-Concept validation, Physical EV exploit methods, Wire tampering testing, malicious software research, Post-exploitation analysis and reporting
Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets.
Identifies potential weaknesses and vulnerabilities on Hertz assets (i.e., end points, applications, etc.).
Generates robust reporting on assessment findings and summarizes to facilitate remediation tasks.
Shares lessons learned, initial indicators of detection and opportunities for strengthening systems and applications to management.
Collects information from a wide variety of sources and aggregates the data relevant to the Hertz security environment.
CUSTOMER SERVICE
Drive optimal cyber security services to complete resolution according to security SLA’s.
Handle all private information with discretion and keep sensitive information private.
Bachelor degree in Computer Science, MIS, or related field.
8+ years of Information Security experience required, preferably in a global Fortune 500 corporation.
Good understanding of Kubernetes architecture and how applications are deployed in this containerized auto-scaling environment.
Hands-on experience performing threat modeling, including STRIDE and PASTA methodologies
Familiarity with MITRE ATT&CK Enterprise Matrix and MITRE D3FEND
Experience with IT operations in cloud computing environments, i.e., Amazon AWS, Microsoft Azure, etc.
Knowledge of OWASP top 10 and able to identify vulnerabilities and possible exploits. Provide remediation guidance.
Excellent written and oral communication skills in English
Strong written and verbal communication skills.
Certifications desired: AWS Cloud Practitioner, Certified Information Systems Security Professional, (CISSP) Certified Ethical Hacker, (CEH) GIAC Security Essentials Certifications, GIAC Certified Intrusion Analyst, Global Information Assurance Certification, Forensics certifications.
At Hertz, we champion and celebrate a culture of diversity and inclusion. We take affirmative steps to promote employment and advancement opportunities. The endless variety of perspectives, experiences, skills and talents that our employees invest in their work every day represent a significant part of our culture – and our success and reputation as a company.
Individuals are encouraged to apply for positions because of the characteristics that make them unique.
Qualified applicants with criminal histories will be considered for employment in a manner consistent with applicable federal, state and local law. Hertz is a drug free workplace.
EOE, including disability/veteran
Full-time