The ICE Cybersecurity Architecture team is responsible for global Cybersecurity engineering and architecture in a highly regulated critical financial infrastructure environment. We are looking for an Engineer to join our team.
Duties and Responsibilities
- Security Analytics - Designs and maintains security data flow from network endpoints through aggregation, retention, parsing, SIEM correlation and data lake mining.
- Behavioral Analysis - Identifies and implements tools to baseline activity and alert or limit suspicious activity and insider threat among networks, databases, data and users
- Intrusion Detection and Prevention - Maintains commercial and open source wired and wireless infrastructure, tweaking rules to limit false positives and keep up with new threats while producing actionable data. Designs and manages Web Application Firewall (WAF) logic and rulesets.
- Content Filtering and Advanced Threat Protection - Designs and adjusts egress content filtering and advanced network- and endpoint-based malware prevention and detection controls.
- Software Engineering - Builds custom tools to automate SOC triage and response activities to combat phishing, lateral movement, system monitoring, and security workflow.
- Visualization - Identifies new solutions and enhances existing open source and bespoke visualization toolsets to identify trends, compress event triage, understand data flows, identify anomalies, and automate reporting and analysis.
- Document and effectively publish technology guidance and repeatable processes
- Mentor peers within groups and individually
- Improve processes and introduce superior technology
- Take initiative to learn business goals, liaise with other departments, and identify ways to increase productivity in other ICE groups and offices
- Serve as a responsible Subject Matter Expert (SME) on one or more tools or technologies via learning, testing, implementing, enhancing, and educating.
Knowledge and Experience
- University degree in Engineering, MIS, CIS, or related discipline
- 3 or more years of relevant experience
- Hands-on experience with Systems Administration and/or IP Networking
- Experience supporting an advanced software development organization
- Experience in an exchange, trading facility, or financial services
- Specific Technologies: Data collection, normalization, indexing, correlation, and visualization. Packet capture, protocol identification, and analysis. Network, application, and log-based behavioral detection tools. DNS and application-level content-filtering. SMTP content, header, and attachment detection, filtering, and analysis. Network and WAF configuration, tuning, and optimization. Scripting, regular expressions, string-parsing, light SDLC, and project management.
Intercontinental Exchange, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin or ancestry, age, disability or veteran status, or other protected status.