Investment Management #008
Department: Technology – Cybersecurity
Position Overview: The cybersecurity team is responsible for recommending the firm’s overall security strategy, providing day-to-day support of the security controls, and preparing and executing the incident response plan. We are seeking an experienced cybersecurity practitioner with a proven track record of both preparing for and responding to cybersecurity events for the role of Senior Security Operations Analyst. A successful candidate will be detail-oriented, thorough, and well organized. In this position, you will be responsible for a range of duties related to implementing and operating cybersecurity controls, using multiple on-prem solutions and cloud-based services that support the full cybersecurity lifecycle. In addition, you will assist with reviewing vulnerability scans and cyber threat intelligence, determining which vulnerabilities require immediate action using risk-based models and an understanding of the Firm’s systems.
Duties and Responsibilities
Investigate cybersecurity incidents and potential threats
Support cybersecurity detection, escalation and response capabilities by working closely with other technical, incident management, legal, compliance and cyber personnel.
Perform daily log review, correlation, and event analysis. This includes review of various system logs, File Integrity Monitoring logs, Intrusion Detection System events, and Antivirus/Malware scan results.
Perform vulnerability scanning, and track and facilitate the remediation of findings.
Assist with the development and implementation of processes and procedures to ensure cybersecurity threats are effectively mitigated.
Participate in and lead incident response activities (which may occur outside core business hours) and the associated after-action analysis.
Appropriately inform and advise management on incidents and incident prevention
Document actions taken within approved event tracking systems; create and maintain procedural and instructional documents.
Other job duties as defined
Bachelor’s degree in Computer Science, Information Systems Management, Information Security, or Engineering.
3+ years of experience in cybersecurity incident analysis and response as well as direct experience with the day-to-day operations of cybersecurity controls.
Advanced knowledge of some or all of the following: TCP/IP networks and concepts, IDS/IPS, firewalls, proxies, security and audit logs, operating systems (Windows/Linux), and infrastructure design.
Technical understanding of the tactics, techniques, and procedures of cybersecurity attackers.
Strong understanding of the cyber threat landscape, vulnerability management, and the NIST Cybersecurity Framework (NIST CSF).
Experience with SIEM platforms (e.g. Splunk) and scanning tools such as Tenable Nessus, Nmap, etc.
Intermediate knowledge of web server software, including Microsoft IIS and Apache web servers.
Prior experience with Active Directory, WMI, PowerShell, Python, etc.
Certifications: SANS GSEC, CISSP, Network+, or Security+ certification a plus.
Excellent organizational, written and verbal communication, and interpersonal skills.