Incident Response (CIRT)
New York, NY
Posted Jul 18, 2018 - Requisition No. 62992
We Protect Bloomberg.
The Bloomberg Cyber Incident Response Team (CIRT) is responsible for the detection of threats and incident response across Bloomberg's diverse lines of business and vast global network.
What's The Role?
The Bloomberg CIRT is seeking a new member of its team to perform Incident Response duties such as Malware analysis, host and network forensic investigations, and threat hunting.
This function is considered a key pillar in our security design. We are looking for a motivated information security professional who has both demonstrated experience and a passion for these disciplines.
The CIRT is an open and collaborative environment where members work together to identify and address the latest in cyber security threats and attacks facing the company.
As a member of the CIRT, you will be working with the latest cyber detection and defense technologies to address the dynamic and ever-changing world of cyber-attack detection and defense.
We'll Trust You To:
- Analyze malware and other artifacts while discovering and disseminating important indicators and techniques of an attack
- Perform deep host and network level analysis in support of Incident Response
- Review and analyze raw network captures and network activity logs to identify malicious and suspicious behaviors/signatures
- Perform threat hunting activities to identify new indicators of compromise, techniques, tactics, and procedures
- Create methods and tools to detect suspicious and malicious events occurring on our networks and systems
- Act on intelligence reports to define and develop new detection techniques and criteria
- Serve as a contact point for suspicious and malicious events escalated by CSOC
You'll Need To Have:
- Experience performing hands-on malware analysis of various file types, including Microsoft Office documents, PDFs, and Windows binaries
- Experience performing host and network analysis and Incident Response
- Understanding of privilege escalation, persistence, and lateral movement techniques
- Knowledge of common malware and exploit tools/techniques
- Experience with malware and attacker techniques leveraged in enterprise environments
- Familiarity with static and dynamic analysis techniques, systems, and technologies
- Understanding of enterprise network security controls and defenses
- Scripting and automation skills
- Experience with Windows, Linux, and Mac operating systems
If This Sounds Like You:
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this:
Bloomberg is an equal opportunities employer and we value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.