OneMain Financial
Join our dynamic Cybersecurity Threat Exposure Management (CTEM) Team as a Senior Cybersecurity Analyst, where you will be pivotal in safeguarding our organization against emerging cyber threats. We are seeking a seasoned cybersecurity professional who is ready to lead strategic initiatives, identify vulnerabilities, and collaborate across departments to protect our digital assets.
Key Responsibilities:
Leverage advanced tools and methodologies to identify, analyze, and prioritize remediation efforts for cyber threats and vulnerabilities throughout the organization.
Preferred tools include Tenable, Wiz, Dazz, and Qualys.
Conduct thorough research on vulnerabilities to assess their impact on the enterprise, utilizing a risk-based approach for prioritization. Lead incident response calls, documenting containment, eradication, and recovery efforts related to exploited vulnerabilities, including conducting post-incident analyses and lessons learned sessions. Collaborate with IT, Cyber Risk, and other business units to ensure alignment of security protocols and controls that comply with organizational policies and regulatory requirements. Perform comprehensive risk assessments to evaluate potential impacts of threats and vulnerabilities, using results to formulate mitigation strategies. Develop and implement proactive strategies to combat emerging cyber threats and enhance the organization's security posture. Prepare detailed reports on threat landscapes, vulnerability assessments, and incident response activities to guide senior leadership in informed decision-making. Foster a culture of continuous improvement, streamlining activities for effectiveness and efficiency. Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. A minimum of 7 years of cybersecurity experience, with at least 3 years in a leadership role. Proficiency in cybersecurity tools and technologies, including SIEM, IDS/IPS, vulnerability scanners, and incident response platforms. Strong analytical and problem-solving skills, with a capacity to think critically in high-pressure scenarios. Exceptional verbal and written communication skills to effectively relay complex technical information to varied audiences. Meticulous attention to detail, emphasizing accuracy in all tasks. Outstanding project management abilities, with a proven track record of managing multiple priorities independently. Good understanding of secure coding principles, DevSecOps practices, automation techniques, and cloud security. Experience in highly regulated industries such as finance, healthcare, or government. Familiarity with global cybersecurity regulations and standards. Preferred: Relevant certifications like CISA, CISSP, CISM, CEH, or equivalent are preferred. Location:
Baltimore, MD (Optional hybrid schedule, on-site, remote, etc.) Compensation:
The target base salary for this position ranges from $90,000 to $115,000, based on various factors including skills and work experience. This role also offers a competitive compensation program based on individual and company performance. About Us: At OneMain Financial (NYSE: OMF), we are committed to providing nonprime customers with responsible access to credit, striving to enhance the financial well-being of hardworking Americans. Since our inception in 1912, we have focused on understanding needs beyond credit scores to deliver personal loans, credit cards, and other financial products that enable people to achieve their goals. We believe in fostering an inclusive culture, driving career development, and positively impacting the communities where we operate. Join us and discover the significant benefits of being part of a team that prioritizes health, growth, and community engagement: Comprehensive health and well-being options, including medical, dental, vision, and various insurances. Up to 4% matching 401(k). Employee Stock Purchase Plan (10% share discount). Tuition reimbursement. Generous paid time off (15 vacation days per year, plus 2 personal days, prorated based on start date). Paid sick leave as per state or local laws, prorated based on start date. Paid holidays (7 days per year, based on start date). Volunteer time off (3 days per year, prorated based on start date).
Preferred tools include Tenable, Wiz, Dazz, and Qualys.
Conduct thorough research on vulnerabilities to assess their impact on the enterprise, utilizing a risk-based approach for prioritization. Lead incident response calls, documenting containment, eradication, and recovery efforts related to exploited vulnerabilities, including conducting post-incident analyses and lessons learned sessions. Collaborate with IT, Cyber Risk, and other business units to ensure alignment of security protocols and controls that comply with organizational policies and regulatory requirements. Perform comprehensive risk assessments to evaluate potential impacts of threats and vulnerabilities, using results to formulate mitigation strategies. Develop and implement proactive strategies to combat emerging cyber threats and enhance the organization's security posture. Prepare detailed reports on threat landscapes, vulnerability assessments, and incident response activities to guide senior leadership in informed decision-making. Foster a culture of continuous improvement, streamlining activities for effectiveness and efficiency. Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. A minimum of 7 years of cybersecurity experience, with at least 3 years in a leadership role. Proficiency in cybersecurity tools and technologies, including SIEM, IDS/IPS, vulnerability scanners, and incident response platforms. Strong analytical and problem-solving skills, with a capacity to think critically in high-pressure scenarios. Exceptional verbal and written communication skills to effectively relay complex technical information to varied audiences. Meticulous attention to detail, emphasizing accuracy in all tasks. Outstanding project management abilities, with a proven track record of managing multiple priorities independently. Good understanding of secure coding principles, DevSecOps practices, automation techniques, and cloud security. Experience in highly regulated industries such as finance, healthcare, or government. Familiarity with global cybersecurity regulations and standards. Preferred: Relevant certifications like CISA, CISSP, CISM, CEH, or equivalent are preferred. Location:
Baltimore, MD (Optional hybrid schedule, on-site, remote, etc.) Compensation:
The target base salary for this position ranges from $90,000 to $115,000, based on various factors including skills and work experience. This role also offers a competitive compensation program based on individual and company performance. About Us: At OneMain Financial (NYSE: OMF), we are committed to providing nonprime customers with responsible access to credit, striving to enhance the financial well-being of hardworking Americans. Since our inception in 1912, we have focused on understanding needs beyond credit scores to deliver personal loans, credit cards, and other financial products that enable people to achieve their goals. We believe in fostering an inclusive culture, driving career development, and positively impacting the communities where we operate. Join us and discover the significant benefits of being part of a team that prioritizes health, growth, and community engagement: Comprehensive health and well-being options, including medical, dental, vision, and various insurances. Up to 4% matching 401(k). Employee Stock Purchase Plan (10% share discount). Tuition reimbursement. Generous paid time off (15 vacation days per year, plus 2 personal days, prorated based on start date). Paid sick leave as per state or local laws, prorated based on start date. Paid holidays (7 days per year, based on start date). Volunteer time off (3 days per year, prorated based on start date).