Working with an exciting fintech company that is a world leader in the evolution of electronic trading to bring on an InfoSec Operations and Threat Hunt Lead for their growing security team.
The ideal candidate for this role should have extensive experience leading triage and threat hunting functions within complex global environments. Managing global SOC coordination with external partners and internal teams to enhance detection and response capabilities is a core responsibility of this role. Establishing the threat hunting program, liaising with the Cyber Threat Intelligence and engineering teams, leading digital forensic investigations, and providing support as a key stakeholder on the enterprise's incident response team also fall under the scope of this role.
This is a fully remote opportunity, but the candidate must be located in the Tri-State area (onsite presence a couple of times a month). Compensation for this role ranges between 130K-230K base + bonus.
- As the individual responsible for SOC, DFIR, and threat hunting, drive security automation strategies within Cyber and wider technology teams to streamline incident triage, reducing human effort for routine response activities.
- Actively drive the maturity and stability of security controls while partnering with various engineering teams to provide operational oversight and lead root cause analysis, where required.
- Ensure procedural documentation and technical runbooks are detailed, tested, and kept up to date.
- Train and mentor junior members of the team to foster an environment of growth.
- 10+ years of Cyber Security experience with at least 5 years focusing on security operations, incident response or cyber threat investigations.
- Extensive knowledge of SIEM technologies and hands-on experience with at least one of the following technologies: Splunk, ELK, QRadar.
- Expertise with commercial and open-source digital forensic toolsets such as EnCase, AccessData, SIFT, Axiom.
- In-depth system administration experience with operating systems such as Mac, Linux, Windows.
- Deep knowledge of network security architecture (firewalls, IDS/IPS, DMZ, proxies) and internet protocols and web service technologies (HTTP, DNS, TCP/UDP and REST).
- Technical understanding of incident response frameworks and methodologies with a focus on automation.
- Strong scripting skills in at least one of the following languages: Python, Bash, or PowerShell.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- CISSP, CISM or equivalent qualifications preferred.
- Highly competitive medical, dental, and vision programs
- 401K Program
- PTO and Parental Leave
- Tuition Reimbursement