Description & Requirements What's the role? The Staff Risk and Investigations team within Bloomberg's Chief Information Security Office (CISO) is responsible for implementing an Insider Threat program across Bloomberg, including designing and building dynamic models focused on detecting anomalous user behavior and other high-risk events.
Bloomberg is seeking a highly capable individual to join the Staff Risk and Investigations team (SR&I) as a Detection Engineer! This person would enhance the Insider Threat program by working closely with security, development, and investigative teams to solve complex risk and security challenges.
We'll trust you to: - Research, develop, document and tune novel detections that uncover anomalies related to insider risk
- Leverage technology, custom analytics and automation to create scalable detection pipelines and support investigative workflows
- Design and mature detection strategy, including continuously evaluating changes in actors, tactics, techniques and targets to enhance threat scenarios and use cases to ensure team maintains pace with a changing insider threat landscape
- Develop and maintain strong working relationships and cross-functional collaboration with key partners and stakeholders including Information Security, Technology, Physical Security, Incident Management, Legal, HR and others
You'll need to have: - 5+ years experience working in a detection, incident response, or insider-risk role -- we are seeking mid-level and senior candidates
- Experience with a broad range of security tools and technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
- Initiative and ability to thrive in a dynamic, fast-paced and collaborative environment with minimal supervision
- Demonstrated success in managing projects and working closely with business stakeholders
- Experience in working with and handling extremely sensitive materials and information
- Awareness of latest cyber security trends and developments
- Proficiency in Python and SQL
- Strong verbal and written communication, presentation and stakeholder management skills
We'd love to see: - Exposure to or knowledge of employment and/or privacy laws and regulation
- Experience with AI / LLM technologies to help enrich and automate security operational processes
- Computer forensics, including analyzing Linux, Windows, and MacOS systems
- Comfort with presenting to executive leaders in technology roles and explaining security risk to non-tech fields
Salary Range = 190,000 - 260,000 USD Annual + Benefits + Bonus
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.
We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
