Security Analyst

Role : Security Analyst (1-5 years of experience)

Full-time / Permanent with bonus and benefits

Hybrid Remote in NYC - 3 days / week onsite.

No 3rd Party please.

• We are looking for a Security Analyst for a major global financial firm who will be responsible for monitoring and analyzing information security and risk profile using data and alerts generated from various systems;
• evaluating and remediating impact to the Firm resulting from the unauthorized access, use, modification, destruction, disclosure of Firm and / or client data, documents, work products, or formal records or information technology environment;

and implementing and maintaining information security systems in the Firm’s global information technology environment. The Security Analyst also assists in evaluating, selecting, and implementing new security technologies and establishing processes and best practices.

RESPONSIBILITIES :

• Performing continuous monitoring of the Firm’s information security systems, technologies, processes, and procedures, analyzing the findings and communicating exceptions, concerns and remedial steps to the Director, Information Security and Management as necessary;
• Promptly reporting any and all exceptions to policies, procedures, and operational standards to the Director, Information Security and / Chief Information Officer as necessary;
• Executing the Firm’s information security threat management process, ensuring all aspects of an event are documented and remediated;
• Monitoring and analyzing security relevant logs, events, and alerts including, but not limited to, logs from systems, applications, SIEM, AV, Firewalls, and IPS;
• document relevant incidents and suggest / co-ordinate appropriate remedial actions;
• Design and manage security logging and SIEM programs for the firms computing systems. The candidate in conjunction with the SOC provider will be responsible to setting up a successful security monitoring program.
• Coordinate with the SOC and various teams to investigate security events / incidents.
• Analyse security appliance logs, identify patterns, respond to security incidents and suggest possible process improvements as appropriate;
• Participating in projects, programs, and initiative to ensure implementation of and adherence to the Firm’s information security technology policies, procedures, processes, and technologies;
• Providing consultative direction and advice regarding to information security architectural standards, technologies, policies, and procedures for all Firm offices and facilities.
• Exhibiting the ability to think and act strategically as well as tactically, utilizing developing interpersonal and written and verbal communication skills to effectively support the Firm’s global information security functions
• Demonstrate calm, logical, analytical decision-making abilities and possess good interpersonal and communication skills.
• Must work well under pressure, and be able to coordinate project work with others inside and outside the department. Able to respond to and remediate information security events that arise unpredictably, and have a good overall understanding of the required work to maintain a highly secure environment.

REQUIREMENTS :

• The candidate should have data analytical skills;
• Exhibiting the ability to think and act strategically as well as tactically, utilizing developing interpersonal and written and verbal communication skills to effectively support the Firm’s global risk management functions;
• Sound analytical and operational judgment, the use of tact in daily and stressful situations, and sound analytical rigor applied to supporting and remediating events in the Firm’s information security systems, processes, and procedures;
• Good interpersonal, communication, organization, collaboration, and team-building skills;
• Knowledge of scripting language such as python, power shell a plus;
• Basic knowledge of designing and deploying information technology and solutions in one or more of the core domains : Endpoint protection;
• Incident Response; Malware Analysis; Application and Data security; Infrastructure and Endpoint; and Security Intelligence / SIEM;
• Understanding and experience working with structured design methodologies;
• The candidate should have data analytical skills and have a passion for threat hunting
• Knowledge of scripting language such as python, power shell a plus;

Education and Experience

• At least 1 to 3 years’ experience in one or more security domain, proven track record of implementing and operating information security systems, and working in projects related to the core domains applicable to information security architecture.
• Bachelor’s Degree in Engineering or Computer Science a plus.
• 2-5 years of progressive relevant hands-on IT experience
30+ days ago