Who are we looking for:
Our Client seeks to recruit a Lead Cyber SOC Analyst that will lead the triage, analysis and response to cyber-attacks. Join us in evolving our response capabilities to protect our client, its customers and partners from the ever evolving and sophisticated global threat actors. Our Clients Fusion Center is responsible for detecting and responding to various cyber threats directed towards the enterprise.
What will you be responsible for:
· Leading the cyber incident response process to ensure timely triage, analysis, containment, eradication and return to service for high severity or long running incidents.
· Author incident status updates and closure reports to leadership.
· Produce post mortem reports to identify lessons learned and recommendations.
· Continuously prepare for incidents by updating and maintaining incident response plans, playbooks and procedures.
· Manage and participate in cyber related exercises such as table tops and cyber ranges.
· Measure the effectiveness and performance of the incident response process through KRI and KPI metrics.
· Identify methods to continuously enhance the incident response process
· Work closely with the SOC to drive development and collaboration
· Train and Mentor SOC personnel
· Creating an environment which drives knowledge sharing with teams across the Fusion Center
· Help developing the Fusion Center mindset and follow the sun model
What we value:
· Experience with investigating & managing major/complex cyber incidents end to end
· Experience working/leading in a SOC or Fusion Center
· Strong operating systems administration skills (Windows, Linux, Mac)
· Strong malware analysis expertise
· Experience in performing memory forensics
· Knowledge of adversarial tactics, techniques, procedures (TTPs) & Industry standard frameworks (NIST, Mitre Att&ck)
· Knowledge of IT architecture and operations (computing, network, storage & cloud)
· Strong working knowledge of security technologies including but not limited to SIEM, EDR/EPP, AV, ID/PS, HIPS, Web Proxy/Content filtering, AD, PKI and DNS
· Masters in Cyber Security, Information Technology, Computer Science or relevant experience
· CISSP, CEH, OSCP,OSCE or GCIH or applicable certification in Security field
· 4+ years in a cyber security SOC/IR type skill role – Incident Response, SOC Tier 3/Lead Analyst, Threat Hunter, Penetration testing, etc.
· Financial Services experience a plus.
· Software development and/or scripting experience a plus: Python, Powershell, SQL etc.
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to the client and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.
We offer a collaborative environment where technology skills and innovation are valued in a global organization. We’re looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.
Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.
About The Client
What we do. Our client is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.