Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
15/01/2025
Full time
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
14/01/2025
Full time
Security Engineer Salary: $140k-$150k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 3+ years of related experience Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Responsibilities Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
14/01/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
14/01/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Qualifications: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
10/01/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
10/01/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Sr. Cyber Defense Threat Engineer. Candidate will be responsible for the in-depth analysis and response to security incidents escalated from Tier 1 analysts. This role involves investigating complex security events, identifying potential threats, and implementing measures to mitigate risks. The Tier 2 analyst plays a critical role in maintaining the security posture of the organization by leveraging advanced threat intelligence and incident response techniques. Responsibilities: Monitor security alerts and events from various security tools and technologies. Perform advanced analysis of security logs, network traffic, and endpoint data. Review and respond to security incidents escalated by Tier 1 analysts. Conduct thorough investigations to determine the scope and impact of security incidents. Implement containment, eradication, and recovery measures for confirmed incidents. Document and report findings, actions taken, and lessons learned. Work closely with threat intelligence team to enhance detection and response capabilities. Collaborate with other security team members and IT staff to address security incidents. Provide guidance and support to Tier 1 analysts on complex security issues. Communicate effectively with stakeholders regarding security incidents and mitigation efforts. Participate in post-incident reviews to identify areas for improvement. Stay current with the latest cybersecurity trends, threats, and technologies. Contribute to the development and enhancement of SOC processes and procedures. Qualifications: Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Team Leadership experience, taking initiative; providing and following through on solutions across various skillsets. Knowledge and experience implementing controls based on security regulation (eg, NIST Cyber Security Framework) is a plus. Effective and excellent oral and written communication, analytical, judgment and consultation skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong project management skills. Log analysis and security content development in SIEM solutions (Splunk, IBM QRadar, LogRhythm, etc.). SOAR products such as Splunk SOAR, Cortex XSOAR, FortiSOAR, etc. SOAR playbook development experience is a plus. Endpoint detection and response tools, eg CrowdStrike, SentinelOne, Microsoft Defender, etc. Incident Response playbook development, managing security incident analysis and remediation. Network-based preventative and detective technologies (IDS/IPS, Firewalls, Proxy Servers) Standard technical writing tools including MS Word, Excel, Project and Visio Vulnerability assessment tools (Qualys, Nessus, nmap, etc.). Directory services, LDAP, and their inherent security (Active Directory, CA Directory, Entra ID). Client Server platforms including Sun Solaris, Windows, Linux. Operating system hardening procedures (Solaris, Linux, Windows, etc.) Web Application Firewalls. Cloud based security tools and techniques (AWS, Azure, GCP, etc.) Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices. Education and Experience: Bachelor's degree in cybersecurity, computer science, or another related field. Minimum three years of information security experience, preferably in the financial services industry. Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages, Incident Response. Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives. Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure. Industry knowledge of leading-edge security technologies and methods. Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities. Previous people/project management experience is a plus. Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+.
Lead Research Analyst Railway | Transport £60,000 - £70,000 + Bonus and a very strong benefits package London | 2 days in the office - potential flex on this The Company: I'm currently working with a major player within the railway space that lead the industry's drive for innovation. They plays a key role in ensuring safety and improving performance across the UK railway network. The business collaborates with various stakeholders to develop and implement standards, facilitate research, and promote best practices. Operating as a non-profit, it provides guidance, tools, and resources to support safe and efficient operations, focusing on continuous improvement and innovation within the industry. They are looking for an experienced research analyst to join the business as the team continues to grow - This is a great opportunity to work with research that makes a tangible difference to the rail industry and you can really see and shape how things operate. As Lead Research Analyst you will: You will lead the reviews and assessments of research requests and cases and further develop and evaluate the case for research Utilise industry knowledge to work closely with internal stakeholders and Project Managers to review and steer the research Lead and contribute to shaping the overall strategy for evaluating, prioritising, and structuring research, while regularly reviewing processes, tools, and methods to ensure they remain effective, adaptable, and consistently applied Work with the senior research management team to identify opportunities to improve and update processes In this role you will be responsible for managing a team of 3 research analysts Requirements: 5 + years of research experience Experience working within the transport sector - ideally railway Experience leading a team Skilled in collecting, organising, and analysing both qualitative and quantitative data Experience in designing research frameworks, evaluating anticipated and actual benefits, and facilitating the transition from research completion to benefit realisation Has stakeholder manger experience If you're interested in this Lead Research Analyst opportunity please apply below *Rates depend on experience and client requirements
08/01/2025
Full time
Lead Research Analyst Railway | Transport £60,000 - £70,000 + Bonus and a very strong benefits package London | 2 days in the office - potential flex on this The Company: I'm currently working with a major player within the railway space that lead the industry's drive for innovation. They plays a key role in ensuring safety and improving performance across the UK railway network. The business collaborates with various stakeholders to develop and implement standards, facilitate research, and promote best practices. Operating as a non-profit, it provides guidance, tools, and resources to support safe and efficient operations, focusing on continuous improvement and innovation within the industry. They are looking for an experienced research analyst to join the business as the team continues to grow - This is a great opportunity to work with research that makes a tangible difference to the rail industry and you can really see and shape how things operate. As Lead Research Analyst you will: You will lead the reviews and assessments of research requests and cases and further develop and evaluate the case for research Utilise industry knowledge to work closely with internal stakeholders and Project Managers to review and steer the research Lead and contribute to shaping the overall strategy for evaluating, prioritising, and structuring research, while regularly reviewing processes, tools, and methods to ensure they remain effective, adaptable, and consistently applied Work with the senior research management team to identify opportunities to improve and update processes In this role you will be responsible for managing a team of 3 research analysts Requirements: 5 + years of research experience Experience working within the transport sector - ideally railway Experience leading a team Skilled in collecting, organising, and analysing both qualitative and quantitative data Experience in designing research frameworks, evaluating anticipated and actual benefits, and facilitating the transition from research completion to benefit realisation Has stakeholder manger experience If you're interested in this Lead Research Analyst opportunity please apply below *Rates depend on experience and client requirements
