Sr. Offensive Cyber Security Analyst

At T. Rowe Price, we identify and actively invest in opportunities to help people thrive in an evolving world. As a premier global asset management organization with more than 85 years of experience, we provide investment solutions and a broad range of equity, fixed income, and multi-asset capabilities to individuals, advisors, institutions, and retirement plan sponsors. We take an active, independent approach to investing, offering our dynamic perspective and meaningful partnership so our clients can feel more confident.

We believe doing the right thing for our clients and our associates is good business. With a career at the firm, you can expect opportunities to create real impact at work and in your community. Youll enjoy resources to support your career path, as well as compensation, benefits, and flexibility to enrich your life. Here, youll find a collaborative culture that respects and values differences and colleagues who share a spirit of generosity.

Join us for the opportunity to grow and make a difference in ways that matter to you.

Role Summary

As a member of our Red Team, you will play a critical role in challenging assumptions and identifying unknown cyber and security vulnerabilities within our organization. Collaborating closely with our Incident Response and Cyber Threat Intelligence teams, you will use adversarial and cyber techniques to rigorously assess the resilience of our people, processes, and technologies against evolving security threats. When gaps in our cyber defenses are identified, youll work with peers and leadership to communicate findings and help guide effective security remediation strategies. Your work will include conducting penetration tests, designing and executing Red Team / Purple Team cyber exercises, and enhancing our security detection and response capabilities.

Responsibilities

Conduct cyber penetration testing across enterprise networks, systems, and technology environments.

Design, coordinate, and participate in Red Team and Purple Team security exercises.

Support ongoing security attack simulation and validation programs.

Identify, recommend, and implement security controls and detection measures in response to emerging cyber threats, collaborating with Incident Response and Cyber Threat Intelligence teams.

Drive improvements to cybersecurity best practices, standards, and policies within the group.

Collaborate with team members to enhance cyber and security processes and standards.

Business Knowledge :

Translate cyber and security vulnerabilities into actionable solutions for technology teams.

Demonstrate comprehensive understanding of cyber program objectives and security strategies.

Maintain awareness of prevalent cyber threats and historical attacks targeting the Financial Services industry.

Qualifications

Required :

Bachelors degree in IT, Cybersecurity, or a related technical discipline (or equivalent experience), plus 5+ years supporting a 24x7 global enterprise.

Familiarity with Windows domain concepts in hybrid cloud security environments.

Experience operating in cloud environments with a focus on cyber risk and security.

Proven ability to identify cyber vulnerabilities in networks, systems, and applications using established penetration testing frameworks, security tools, and manual techniques.

Strong understanding of web technologies (HTML, JavaScript, etc.) and related security vulnerabilities (OWASP Top 10, XSS, SQL Injection, filter bypassing).

Deep knowledge of Windows operating systems, with familiarity in Unix, Linux, and macOS security.

Ability to leverage the MITRE ATT&CK framework, Cyber Threat Intelligence, and Cybersecurity Awareness concepts.

Understanding of security infrastructure such as firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, and VPNs.

Basic scripting / coding skills (Python or PowerShell preferred).

Commitment to quality and meticulous attention to security detail.

Leadership in work reviews and constructive feedback.

Subject matter expertise in one or more cyber security programs.

Strong written and verbal communication abilities.

Preferred :

Information security certifications such as Offensive Security (OSCP / OSCE), SANS GIAC (GPEN, GWAPT, GXPN), or similar.

Experience with Active Directory concepts and security vulnerabilities.

Background in Financial Services cyber risk and security.

System administration experience.

FINRA Requirements

FINRA licenses are not required and will not be supported for this role.

Work Flexibility

This role is eligible for hybrid work, with up to three days per week from home.

Base Salary Ranges

Please review the job posting for the location of this specific opportunity.

$94,500.00 - $161,000.00 for the location of : Maryland, Colorado, Washington and remote workers

$103,000.00 - $177,000.00 for the location of : Washington, D.C.

$117,000.00 - $201,000.00 for the location of : New York, California

Placement within the range provided above is based on the individuals relevant experience and skills for the role. Base salary is only one component of our total compensation package. Employees may be eligible for a discretionary bonus, which is determined upon company and individual performance.

Commitment to Diversity, Equity, and Inclusion

At T. Rowe Price, our associates are our greatest asset. We thrive because our company culture is built on inclusion and because we sustain a work environment where associates can bring their best selves to work every day. The backgrounds, talents, and experiences of our global associates allow us to embrace new ideas and perspectives that move our business priorities forward and enable us to deliver strong client outcomes. Here, you can expect equal opportunity and fair and consistent treatment for all.

Benefits

We value your goals and needs, at work and in life. As an associate, youll be supported with resources, benefits, and work-life balance so you can thrive in ways that matter to you.

Featured employee benefits to enrich your life :

Competitive compensation

Annual bonus eligibility

A generous retirement plan

Hybrid work schedule

Health and wellness benefits, including online therapy

Paid time off for vacation, illness, medical appointments, and volunteering days

Family care resources, including fertility and adoption benefits

Learn more about our benefits.

T. Rowe Price is an equal opportunity employer and values diversity of thought, gender, and race. We believe our continued success depends upon the equal treatment of all associates and applicants for employment without discrimination on the basis of race, religion, creed, color, national origin, sex, gender, age, mental or physical disability, marital status, sexual orientation, gender identity or expression, citizenship status, military or veteran status, pregnancy, or any other classification protected by country, federal, state, or local law.

by Jobble