CSOC Threat Analyst
New York, NY
Posted Nov 29, 2016 - Requisition No. 55854
We protect Bloomberg.
Companies have never faced a more complex set of challenges around risk, compliance and information management. Our Tier 2 security analysts are our trusted guards that defend our clients and colleagues against cyber threats. On any given day we'll field issues from our front-line triage team and advancing complex matters to our teams in Risk, Investigation and Incident Response.
What's in it for you?
Utilizing your knowledge of malware, data loss techniques and system intrusions you will be helping Bloomberg defend against threats. You are front line of defense to handle malicious activity on Bloomberg’s networks. This function is considered to be a key pillar in Bloomberg's security program design and defense strategy.
You'll need to be able to:
- Monitor for intrusions and insider threats
- Evaluate severity and impact of Cyber Threat scenarios
- Perform second-level analysis, remediation and critical issues on a wide variety of events from various sources to evaluate if they pose a threat to Bloomberg
- Assist engineers in developing cyber defense tools, procedures, tuning and new detection capabilities
- Identify and model new threat scenarios
- Support investigations of wrong doing by internal or contracted staff
- Be flexible for possible after hours critical issues from our first tier Cyber Security Operations
- Possible participation in the ongoing development and improvement of our Insider Threat Program and security metrics program
- Participates in a 24/7 operation that hunts for and responds to security events on our networks
- Participate and lead large-scale security incidents
- Collaborate directly with teams from around Bloomberg to resolve urgent matters in a constructive and thoughtful manner
We trust you to have:
- 3+ years’ experience within a Security Operations Center (SOC) resolving events related to malicious intrusion, data loss, user behavior anomalies and real passion for all of it
- Coding / scripting experience in one or more general purpose languages
- Programming experience in Python or R
- Experience with analyzing large data sets and intrusion detection systems
- Deep understanding of common exploitation tools, tactics, procedures and remediation of malware
- Demonstrated expertise with threat hunting and threat modeling
- Middle-ware web services (IIS, Apache)
- Databases (MS SQL, Oracle, DB2)
- Network routing protocols & TCP/IP
- Windows, Linux and MAC Operating Systems
- Familiarity with Active Directory and its related security controls routers, firewalls, switches, network transport and application protocols
- Familiarity with enterprise computer network defense systems, such as NIDS, HIDS, SIEMs, web proxies, A/V
- Microsoft office solutions
- Strong soft skills around:
- Global Customer Support
- Communication, collaboration & technical presentation to a non-technical audience
- Self-leadership and accountability
- Interfacing effectively with senior leadership
We would love to see:
- Experience working with custom tools, including minor troubleshooting
- Some familiarity and experience with user behavior analytics platforms
- Experience with data analysis or machine learning
If this sounds like you: Apply! If we believe you're a good match, we'll get in touch with you to let you know the next steps.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.