Job Overview The Cybersecurity Analyst will be responsible for executing the firm's cybersecurity strategy by configuring and monitoring the various security technologies in place throughout the firm, conducting risk assessments, identifying areas of improvement, assisting in user awareness/training exercises, and acting as a subject matter expert to liaise with various teams within the firm.
Major Responsibilities - Contribute to maturing a global cybersecurity program at a large investment firm with a unique threat landscape
- Evaluate and make recommendations for cyber policies
- Ability to work with cyber tools and cyber services vendors
- Expand the security awareness function, fostering user engagement and participation in cybersecurity training
- Assist with triaging and investigating cyber events by extracting audit logs, alert logs, and understand severity of a possible attack
- Collaborate with development teams to ensure all first and third party code is assessed and secured
- Conduct security assessments throughout the firm to identify vulnerabilities, opportunities for improvement, and cybersecurity risks
- Evaluate external organizations via the Third Pary risk assessment program
- Integrate threat intelligence into current toolset
- Perform internal and external penetration tests to ensure hardened perimeter and robust security posture
- Develop automation to improve efficiencies and response time when addressing security events
- Provide technical guidance across IT organization based on remediation findings and industry best practices
- Create cyber program efficiencies via AI integration
What We Value- 3+ years of cybersecurity experience and technical security certifications desirable e.g. OSCP, GCIH, AWS Certified Security
- Familiarity with MITRE and other Cybersecurity Frameworks
- Basic understanding of AI security and protective measures
- Understanding of application security coding best practices and how to embed security into a CI/CD pipeline
- Experience in teaming exercises (red/blue/purple)
- Understanding of scripting languages related to Automation and Orchestration
- Knowledge of exposure management and DLP tools as well as associated technologies
- Familiarity with Windows and Linux Operating Systems
- Basic understanding of cloud security concepts
- Familiarity with network and email security concepts
- Passion for information security and solving complex problems
- Strong analytical and communication skills
We anticipate the base salary of this role to be between $125,000-150,000. In addition to a base salary, the successful candidate will also be eligible to receive a discretionary year-end bonus.
