IT Security for a Major US Bank
Background: Trigyn Technologies was selected as one of 6 preferred vendors for Cybersecurity IT Staffing services for a major U.S. bank. As part of this contract, Trigyn provided IT resources for many security projects.
Trigyn Approach: A key challenge faced with this engagement was the highly competitive recruiting environment for individuals with the skills being sought. To meet the needs of the client, Trigyn employed its Specialized and High-Demand Recruiting Methodology. This approach relied heavily on niche websites, discussions forums, specialty publications and one-to-one outreach and networking by our specialty recruiters. This approach allowed Trigyn to engage prospective candidates who are otherwise inaccessible through traditional job boards.
As part of this engagement, Trigyn staff were assigned mission critical responsibilities including:
- Helping to develop the firm’s next generation vulnerability management program including formalized assessment criteria, integration with asset inventory, enterprise vulnerability scanning, and remediation tracking and governance.
- Documenting and implementing an enhanced penetration testing program to cover testing of application and infrastructure systems for security vulnerabilities.
- Developing innovate security testing to mimic advanced persistent threat techniques and blended threats including social engineering, physical access gaps.
- Developing program quality metrics as both program performance indicators and enterprise risk indicators.
- Assessing publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and firm impact.
- Operate the firm’s vulnerability scanning program using industry standard tools for scanning and reporting application and infrastructure vulnerabilities.
- Manage the firm’s penetration testing and insider threat programs by leveraging both in house staff and vendor expertise to identify weaknesses in technology, people or process.
- Develop and use cyber red team strategies for testing organizational security posture.
- Leverage firm inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress.
- Integrate findings across infrastructure, web application, and static code security testing to provide a holistic security posture for assets.
Outcome: Trigyn has been a valued IT Staffing partner of the bank since 2015 and continues to serve the client today.