3 Attack Methodologies Jobs

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do - and they push us to ensure we take care of ourselves, each other, and our communities. Job Summary: We are seeking a dedicated and analytical Cyber Threat Intelligence Analyst to support our Adversarial Cyber Threat Intelligence initiatives. This role focuses on identifying and monitoring external threat actors and their capabilities, assessing ongoing attack campaigns, and providing actionable intelligence to enhance PayPal's security posture. Job Description: Essential Responsibilities: Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives. Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management. Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats. Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management. Minimum Qualifications: Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience. Preferred Qualification: As a senior team member on our Cyber Threat Intelligence team, you will be collaborating with our Threat Analysis and Planning team to strategically drive how PayPal prepares for and responds to threats. Supporting the below services, an ideal candidate will be able to perform the following: Threat Actor Profiling Identify and monitor external threat groups targeting PayPal, analyzing their intent, opportunity and capabilities based on associated attack campaigns, TTPs, indicators of compromise (IOCs), and victimology. Develop comprehensive profiles for relevant threat actors to inform strategic defense initiatives. Threat Actor Campaign Analysis Provide situational awareness of ongoing attack campaigns of interest, enumerating attacker TTPs for further investigation. Conduct in-depth analyses to pivot to responsible threat actors and maintain an updated understanding of their activities. Threat Infrastructure Counterintelligence Identify and assess the validity of potential attacker infrastructure based on inputs from other Cyber Threat Intelligence services. Confirmed attacker infrastructure will be shared with internal teams and external partners to facilitate proactive mitigation efforts. Activity Group Monitoring Analyze internal incident data sources to identify trends, attack patterns, and potential threat actor groups actively impacting the organization. Collaborate with incident response teams to enhance detection capabilities and response strategies. TTP Analysis Conduct targeted technical analyses of individual tactics, techniques, and procedures utilized in attack campaigns by threat actors of interest. Forward analysis results to internal teams for improved detection, mitigation, and vulnerability assessments. Skills we think will make you successful in this role include: Proficient understanding of attack methodologies, TTPs, and frameworks such as MITRE ATT&CK and Diamond Model Analysis. Experience with threat intelligence platforms and tools for data collection and analysis. Strong analytical writing and critical thinking skills with the ability to synthesize complex information into actionable intelligence. Excellent communication skills, capable of conveying technical findings to both technical and non-technical audiences. Familiarity with incident response processes and collaboration with cross-functional teams is a plus. Subsidiary: PayPal Travel Percent: 0 - PayPal is committed to fair and equitable compensation practices. Actual Compensation is based on various factors including but not limited to work location, and relevant skills and experience. The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit . The US national annual pay range for this role is $111,500 to $191,950 PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. To learn more about how to identify and avoid recruitment fraud please visit . For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit . Who We Are: to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at . Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please . We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.

As a Senior Security Analyst/Engineer, you will be responsible for supporting the security operations of our organization by assisting in the monitoring, detection, and response to security incidents. This role offers a blend of security analysis and engineering tasks, allowing you to contribute significantly to the organization's cybersecurity efforts. You will assist in monitoring security events and alerts from various sources, conduct initial analysis of security events, and collaborate with senior analysts to investigate and respond to security incidents. Your role will involve providing technical assistance during security incidents, documenting incident response procedures, and implementing proactive measures to enhance incident detection and response capabilities. Furthermore, you will support the vulnerability management process by assisting in vulnerability scanning, assessment, and remediation efforts. You will prioritize and track the resolution of identified vulnerabilities, collaborate with system owners and IT teams for timely patching and mitigation, and conduct security assessments and penetration tests to identify weaknesses in systems, applications, and network infrastructure. Additionally, you will assist in the administration and configuration of security tools and technologies, participate in the evaluation and testing of new security technologies, optimize the configuration and tuning of security tools, and recommend enhancements based on industry best practices. Qualifications and Skills: - Bachelor's degree in Information Technology, Computer Science, Information Security, or related field - 8-12 years of experience in a cybersecurity role - Strong understanding of cybersecurity principles, threat landscape, and attack methodologies - Proficiency in security tools and technologies such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners - Excellent analytical, problem-solving, and decision-making skills - Effective communication and stakeholder management abilities - Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent are a plus Experience: - Demonstrated experience in conducting security analysis, incident response, and vulnerability management - Hands-on experience with security tool optimization, security assessments, and penetration testing - Proven track record of incident response efforts and managing security incidents effectively Career Development: This role offers a valuable opportunity for career growth in the field of cybersecurity. As you gain experience and proficiency, you will have the opportunity to progress into more specialized roles such as Senior Security Analyst, Incident Responder, or Security Engineer. Continued learning and professional certifications will be encouraged to enhance your skills and knowledge in the cybersecurity domain. Your Team: You will be part of the global cybersecurity team at Carmeuse, which is dedicated to enabling the organization's digitalization strategy without compromising security. The team consists of regional senior security managers and cyber architects based around the globe, with a major presence in the US, Belgium, and Romania. You will work with the cybersecurity team on security design, delivery, and operations to safeguard Carmeuse's digital IT and OT footprint. Your Manager: Victor Alexandrescu, the leader of the team, brings over 20 years of experience to his role. His management style is direct, based on trust and support, with a focus on efficiency and continuous improvement. Victor promotes proactive problem-solving and achieving tangible results, offering a supportive environment for professional growth and development. Join Us: If you are looking for a challenging role in cybersecurity with opportunities for career advancement and skill development, consider joining our team at Carmeuse. We offer a permanent contract, flexible working hours, a home working policy, competitive salary package and benefits, growing possibilities, a strong HR and training policy, and work-life balance. Your contributions will be valued, and you will work alongside experienced professionals in a dynamic and innovative environment. Recruitment Process: If you apply for this position, you will go through a thorough recruitment process that includes resume and cover letter analysis, personality questionnaires, and multiple interviews with the talent acquisition lead, cybersecurity delivery manager, HRBP, and key cybersecurity team members. This process aims to assess your qualifications, motivations, and fit for the role while providing you with insights into our team dynamics and work environment.,

As a Security Analyst/Engineer, you will be responsible for supporting the security operations of the organization by assisting in the monitoring, detection, and response to security incidents. This role offers a blend of security analysis and engineering tasks, providing a progression from foundational knowledge to more advanced responsibilities, enabling you to contribute significantly to the organization's cybersecurity efforts. You will be involved in various key responsibilities, including security monitoring and analysis. This involves monitoring security events and alerts from sources such as SIEM, IDS/IPS, antivirus systems, and endpoint detection platforms. Additionally, you will conduct initial analysis of security events, collaborate with senior analysts to investigate and respond to security incidents like malware infections, phishing attempts, and unauthorized access. In incident response activities, you will provide technical assistance during security incidents for containment, eradication, and recovery efforts. You will also document incident response procedures, develop post-incident reports, and implement proactive measures to enhance incident detection and response capabilities, such as developing playbooks for common attack scenarios. Supporting the vulnerability management process will be part of your responsibilities, including assisting in vulnerability scanning, assessment, and remediation efforts. You will help prioritize and track the resolution of identified vulnerabilities, collaborate with system owners and IT teams for timely patching and mitigation, and conduct security assessments and penetration tests to identify weaknesses in systems, applications, and network infrastructure. Furthermore, you will assist in the administration and configuration of security tools and technologies, participate in evaluating and testing new security technologies, optimize the configuration and tuning of security tools, and recommend enhancements based on industry best practices and organizational requirements. You will also support security awareness and training initiatives by assisting in the development of educational materials and delivering security awareness briefings to staff. The ideal candidate should have a Bachelor's degree in computer science, Information Security, or related field, along with 3-5 years of experience in a cybersecurity role. Strong understanding of cybersecurity principles, proficiency in security tools and technologies, excellent analytical and problem-solving skills, effective communication, and stakeholder management abilities are essential. Certifications such as CompTIA Security+, CEH, or equivalent are a plus. Demonstrated experience in conducting security analysis, incident response, and vulnerability management in a complex environment, hands-on experience with security tool optimization, security assessments, and penetration testing, as well as a proven track record of incident response efforts are desired qualifications for this role. This position offers a valuable opportunity for career growth and development in the field of cybersecurity, with the possibility to progress into more specialized roles such as Senior Security Analyst, Incident Responder, or Security Engineer. Continued learning and professional certifications will be encouraged to enhance skills and knowledge in the cybersecurity domain. Joining the global cyber security team at Carmeuse will provide you with the opportunity to contribute to the organization's digitalization strategy while ensuring security. Working with a team of regional senior security managers and cyber architects, you will be involved in security design, delivery, and operations to safeguard Carmeuse's digital IT & OT footprint, participating in innovative initiatives to strengthen operations. Reporting to Victor Alexandrescu, the leader of the team, you will benefit from his extensive experience and practical knowledge. Victor's management style focuses on efficiency, continuous improvement, and proactive problem-solving, aiming to optimize processes and enhance team performance. The organization offers a permanent contract, flexible working hours, home working policy, competitive salary package and benefits, growth opportunities, strong HR and training policy, and work-life balance. The recruitment process includes steps such as resume and cover letter analysis by Georges Mensah-Boateng, a first "Teams" interview with personality questionnaires, a second interview with Victor Alexandrescu and Aurelie Mordant, and a final interview with Stavros Georgakopoulos, Rusty Gavin, and Eugene Marchenko to assess your suitability for the role.,