T. Rowe Price
Sr. Offensive Cyber Security Analyst
T. Rowe Price, Owings Mills, Maryland, United States, 21117
At T. Rowe Price, we identify and actively invest in opportunities to help people thrive in an evolving world. As a premier global asset management organization with more than 85 years of experience, we provide investment solutions and a broad range of equity, fixed income, and multi-asset capabilities to individuals, advisors, institutions, and retirement plan sponsors. We take an active, independent approach to investing, offering our dynamic perspective and meaningful partnership so our clients can feel more confident.We believe doing the right thing for our clients and our associates is good business. With a career at the firm, you can expect opportunities to create real impact at work and in your community. You’ll enjoy resources to support your career path, as well as compensation, benefits, and flexibility to enrich your life. Here, you’ll find a collaborative culture that respects and values differences and colleagues who share a spirit of generosity. **Role Summary**As a member of our Red Team, you will be tasked with challenging assumptions and uncovering unknown vulnerabilities. Working closely with our Incident Response and Cyber Threat Intelligence teams, you will employ adversarial techniques to evaluate the resilience of our people, processes, and technologies against cyber threats. When gaps are identified, you'll collaborate with peers and leadership to communicate findings and guide effective remediation strategies. Your responsibilities will include conducting penetration tests, designing and participating in Red Team/Purple Team exercises, and strengthening our detection and response capabilities.**Responsibilities*** Conduct penetration testing across enterprise networks, systems, and technology stacks.* Design and coordinate Red/Purple Team exercises.* Contribute to ongoing attack simulation and validation programs.* Identify, recommend, and implement controls and detection measures in response to emerging cyber threats, supporting Incident Response and Cyber Threat Intelligence teams.* Drive improvements to cybersecurity best practices within your group.* Collaborate with team members to enhance processes and standards.* Business Knowledge* Translate cybersecurity risks and vulnerabilities into actionable solutions for technology teams.* Demonstrate a thorough understanding of cyber program objectives.* Possess knowledge of prevalent threats and historical attacks targeting the Financial Services industry.**Qualifications****Required:*** Bachelor’s degree in IT, Cybersecurity, or a related technical discipline (or equivalent experience), plus 5+ years of experience supporting a 24x7 global enterprise.* Familiarity with Windows domain concepts in hybrid cloud environments.* Experience operating in cloud environments.* Proven ability to identify vulnerabilities in networks, systems, and applications using established penetration testing frameworks, tools, and manual techniques.* Strong understanding of web technologies (HTML, JavaScript, etc.) and related vulnerabilities (OWASP Top 10, XSS, SQL Injection, filter bypassing).* Deep knowledge of Windows operating systems, with familiarity in Unix, Linux, and macOS.* Ability to leverage the MITRE ATT&CK framework, Cyber Threat Intelligence, and Cybersecurity Awareness concepts.* Understanding of security infrastructure such as firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, and VPNs.* Basic scripting/coding skills (Python or PowerShell preferred).* Commitment to quality and meticulous attention to detail.* Leadership in work reviews and constructive feedback.* Subject matter expertise in one or more cybersecurity programs.* Strong written and verbal communication abilities.**Preferred:*** Information security certifications such as Offensive Security (OSCP/OSCE), SANS GIAC (GPEN, GWAPT, GXPN), or similar.* Experience with Active Directory concepts and vulnerabilities.* Background in the Financial Services industry.* System administration experience.Placement within the range provided above is based on the individual’s relevant experience and skills for the role.
Base salary is only one component of our total compensation package.
Employees may be eligible for a discretionary bonus, which is determined upon company and individual performance.We value your goals and needs, at work and in life. As an associate, you’ll be supported with resources, benefits, and work-life balance so you can thrive in ways that matter to you.
Featured employee benefits to enrich your life:
Competitive compensation
Health and wellness benefits, including online therapy
Family care resources, including fertility and adoption benefits #J-18808-Ljbffr
Base salary is only one component of our total compensation package.
Employees may be eligible for a discretionary bonus, which is determined upon company and individual performance.We value your goals and needs, at work and in life. As an associate, you’ll be supported with resources, benefits, and work-life balance so you can thrive in ways that matter to you.
Featured employee benefits to enrich your life:
Competitive compensation
Health and wellness benefits, including online therapy
Family care resources, including fertility and adoption benefits #J-18808-Ljbffr