Kyndryl is looking for a Threat Investigator L2 to protect our customers’ systems and networks from cyber threats. In this role, you will implement cybersecurity systems, monitor for threats, conduct penetration testing, and respond to breaches.
What You'll Do
- Protect customer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction.
- Use a variety of tools and techniques to defend against cyber threats such as malware, ransomware, phishing, and data breaches.
- Implement new cybersecurity systems and policies to safeguard customer data and assets.
- Monitor and review potential threats using cybersecurity systems.
- Conduct proofs of concept (POCs) with new cybersecurity software to evaluate effectiveness and integration potential.
- Provide automation scripts for threat hunting based on lessons learned from cyberattacks.
- Conduct penetration testing and threat/vulnerability assessments of applications, operating systems, and networks.
- Respond to cybersecurity breaches and identify intrusions.
- Research and evaluate cybersecurity threats and perform root cause analysis.
- Assist in the creation and implementation of security solutions.
- Contribute to security innovation by developing and testing unconventional ideas.
What We're Looking For
- 2+ years of experience in a cybersecurity field
- Expertise in network routing and switching, network troubleshooting, engineering and infrastructure, load balancing, and virtual private networks
- Proficiency in cloud computing and security architecture, hybrid and multi-cloud computing, and various cloud-based systems and services
- Familiarity with vulnerability scanning, application security, penetration testing, encryption, threat modeling, identity and access management, and secure coding
- Good knowledge of cybersecurity, incident response, security operations, vulnerability management, IT security architecture, risk management, cyber threat hunting, and cybersecurity standards
Nice to Have
- Valid and current certification or equivalent experience in one of the following: CISSP / CompTIA Security+ / Certified Cloud Security Professional / GIAC Security Essentials
- Security Operations Center experience
- Security tooling for Endpoint Detection and Response (EDR)
- Security Information and Event Management (SIEM)
- Anti-virus Vulnerability Management Scanning and Remediation
- Technical architecture skills
- Experience advising C-suite
- Familiarity with DevSecOps practices and methodologies, and experience integrating security into agile development processes
- Familiarity with emerging security technologies and trends, such as artificial intelligence/machine learning in security, zero trust architecture, or secure remote access solutions
Technical Stack
- Endpoint Detection and Response (EDR)
- Security Information and Event Management (SIEM)
- Anti-virus Vulnerability Management Scanning and Remediation
Benefits & Compensation
- Opportunities to certify in all four major platforms
- Access to best-in-class learning for certifications including Microsoft, Google, Amazon, Skillsoft
- Volunteering and giving platform with access to over 2 million non-profit organizations
We are always moving forward – we continue our efforts to create a more equitable and inclusive world for our employees, our customers and our communities. Diversity is much more than what we look like or where we come from: it's how we think and who we are. We welcome people of all cultures, backgrounds and experiences.


