CIRT Analyst
New York, NY
Posted Jul 14, 2023 - Requisition No. 117621
We Protect Bloomberg. The Bloomberg Cyber Incident Response Team (CIRT) is responsible for detection, analysis, and incident response across Bloomberg's diverse lines of business and vast global network.
What’s the team?
CIRT works closely with Bloomberg’s other Cyber Security Operations Center (CSOC) teams, coordinating incident response, developing and maintaining the detection program, and supporting CSOC analysts as they perform their analysis and response functions. CIRT members also collaborate with other teams within the Bloomberg organization to identify and address the latest cyber security threats.
What's the role?
The Bloomberg CIRT is seeking a new, senior member of its team to expand our incident response and detection engineering capabilities. The ideal candidate will be a motivated and passionate professional with extensive Linux OS experience.
We'll trust you to:
- Investigate suspicious and malicious events
- Clearly communicate and document findings and thought process
- Support incident response by thoroughly analyzing network, host, and log data
- Improve detection of threats by analyzing malware and attack techniques
- Improve detection of threats by reviewing security events & incidents
- Improve detection of threats by reviewing and actioning threat intelligence reports
- Design tooling, searches, and procedures to detect malicious activity and aid incident response
- Discover and document knowledge, including internal OS/system features, investigation techniques, and log event details
- Take ownership over solving key detection & response challenges
You'll need to have:
- 5+ years of incident response, detection engineering, or sysadmin experience related to Linux operating systems
- Understanding of the goals, methods, and tools a threat actor uses in Linux environments
- Proven history of automating repeated tasks
We would love to see:
- 3+ years working in a cyber security operations center, detection engineering, or incident response function
- Experience defending or administering cloud or container infrastructure
- Familiarity with Windows or Mac operating systems to support detection engineering and incident analysis
- Written and verbal communication skills sufficient to explain complex topics in everyday language
- Detail-oriented mindset
- Proactively identifying and improving tooling and processes
- Understanding of host and network incident response processes and tasks
If that sounds like you:
Apply - if we believe you're a good match, we'll get in touch to let you know next steps.
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg provides reasonable adjustment/accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable adjustment/accommodation to apply for a job or to perform your job. Examples of reasonable adjustment/accommodation include but are not limited to making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you would prefer to discuss this confidentially, please email AMER_recruit@bloomberg.net (Americas), EMEA_recruit@bloomberg.net (Europe, the Middle East and Africa), or APAC_recruit@bloomberg.net (Asia-Pacific), based on the region you are submitting an application for.
Salary Range: 155,000 - 215,000 USD Annually + Benefits + Bonus