Cyber Security Operations Manager - London
Posted Oct 2, 2019 - Requisition No. 78774
We protect Bloomberg.
The Cyber Security Operations Center (CSOC) works to understand the cyber threats we face as an organization, develops instrumentation for detection and monitors events 24x7 looking for suspicious activity. We proactively learn from current trends to build relevant detections and contextual understanding into the program. We strive to monitor meaningful security events around the clock, respond quickly, but always favor quality over speed. If an Incident occurs, we are prepared to engage appropriate stakeholders and take required actions as needed. The CSOC department reports into the CISO, and we work closely with Engineering, Legal, Compliance, Investigations and many others across the organization to help unify security event monitoring and incident response. Our colleagues depend on us to be incident response pros that have a deep understanding of IT networks and systems. On any given day, the department may analyze cyber security events, hunt for suspicious activity, research and disseminate threat intelligence, identify improvement opportunities for detection rules, enhance procedures and train analysts.
Be accountable for leading a team of cyber security analysts who are responsible for the triage and response of all cyber security events coming into our monitoring systems. This includes the analysis of events identified in our event-monitoring platform or raised by personnel. You will ensure that your team can appropriately analyze and respond to events by having them acquire the appropriate skills and experience and by arming them with appropriate tooling and understanding of the environment.
We’ll trust you to:
- Inspire and motivate a high performing team to achieve great results, while supporting individual growth and development
- Address security events by following appropriate procedures that help bring closure to a significant majority, while raising those which cannot be resolved
- Develop positive relationships across internal engineering, compliance, legal, risk and other teams with which we regularly collaborate
- Stay aligned with the US-based CSOC leadership team to the extent that the vision, mission, objective, events, incidents and projects happening across the team are well understood by you and your staff
- Ensure successful turnover between your team and shifts working in other regions
- Conduct evaluation and career development of team members
- Suggest and drive continuous improvement of operational procedures and documentation
- Ensure team performance is on track to meet departmental goals across multiple metric categories such as efficiency and quality
- Empower your team to innovate and challenge traditional thinking of security monitoring & response
- Be involved in recruiting, hiring and identifying candidates with potential to be successful
- Build and drive strategies for your team that align with the department and business goals
- Learn and understand the broader security of Bloomberg’s environment
- Remain up-to-date with cyber security threats and trends
- Ensure appropriate shift coverage
You will need to have:
- Previous experience of, and a passion for, coaching and leading people
- Ability to conduct detailed investigations and analysis of cyber security issues
- Solid experience working in a Cyber Security Operations type environment
- Experience working with cross-regional teams
- Ability to be autonomous but proactive in reaching out for support
- Skills required to perform the role of an analyst as required (i.e., investigating various system logs and artifacts, interpreting facts and contextual information, making evidence-based decisions, etc.)
- Deep understanding of cyber security trends and potential threats
- Good interpersonal and communication skills
- Strong presentation and organization skills
- Ability to drive collaboration across varying teams
- Strong understanding of computer networking concepts
- Solid grasp of Windows, Linux and Mac operating systems
- Previous experience with computer security monitoring and log analysis
- Previous experience working with a Security Event and Incident Management platform
We would love to see:
- Deep knowledge of Enterprise network and host security controls and detection techniques
- A background in attacker tools and techniques used against enterprise environments
- Experience performing malware analysis and/or protocol analysis
- Prior experience performing threat hunting operations
- Experience with Endpoint Detection and Response (EDR) tools e.g. osquery, sysmon, Carbon Black, Tanium, Falcon, etc.
- Experience with Network IDS, protocols, filtering and packet capture devices e.g. Snort, Suricata, NetWitness, Bro, etc.
- Familiarity with development processes and environment tools such as Git, Jira, Jupyter hub/notebooks
- Any of the following certifications: CISSP, CISM, GMON, GCIH or similar
- Bachelor’s and/or Master’s degree in related field
What is it like to work here?
We work hard. We are ambitious and set ourselves tough business goals. We are a meritocracy, where everyone has a voice – not a job title. Working with people you trust, respect, and can collaborate with is more important than titles or position. Things move fast, and we want people who will enjoy working in this environment and feed off the energy. That being said, it is not all about work. Giving back is one of our core values, and there are many ways to get involved in philanthropic initiatives, from helping local school kids with their reading, to helping clean up local parks and waterways.
If this sounds like you:
Apply if you think we are a good match. We will get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this:
Bloomberg is an equal opportunities employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.