Swift

Lead SOC Analyst

Swift$121K — $225K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, IT, or related field.
  • 8+ years of experience in SOC, Incident Response, or Threat Hunting roles.
  • Proven experience leading threat hunting activities.
  • Expertise with cloud technologies (Azure, Google Cloud, AWS).
  • Experience with security tools (SIEM, IDS/IPS, EDR/XDR, SOAR).
  • Strong communication skills for documenting technical investigations.

Responsibilities

  • Lead the development of a Threat Hunting program within the SOC.
  • Participate in a 24x7 SOC with occasional shift work required.
  • Mentor junior team members and provide expert guidance.
  • Support Incident Response and Threat Detection activities.
  • Enhance detection capabilities in collaboration with Swift's Red Team.
  • Conduct Incident Response simulation exercises from a blue team perspective.
  • Triage incidents, ensuring accurate identification and follow-up.

Benefits

  • Comprehensive medical, dental, vision, and life insurance with no premium costs for employees and their families.
  • Retirement plan with matching 401k contributions.
  • Inclusive work culture promoting individuality and diverse perspectives.
  • Encouragement to apply even if all qualifications aren't met.
Full Job Description

The Cyber Fusion Centre (CFC) is looking for a Lead SOC (Security Operations Center) Analyst to join us. This team is responsible for the prevention of Cyber Security incidents by monitoring, detection, and response to potential intrusions in real time within the Swift network.

As a Lead SOC Analyst, you will provide input to security strategy and control of systems, networks, physical infrastructure, people and information. You will participate in the design, communication and execution of policies/controls/procedures as appropriate for Swift and its customers, and as consistent with the company objectives, company reputation and regulatory requirements. In this role, you will act as an operational mentor, coaching junior members within the team.

**Swift is unable to sponsor an employment authorization for this position now or in the future.


What to Expect:

You will:

  • Lead the creation and operationalization of a formalized Threat Hunting program within the SOC
  • Participate in a 24x7 SOC; occasional shift work is required for this position. Shift work typically includes one week per month Monday - Sunday, 11 AM - 7 PM and occasional holiday work; all other hours are standard working hours.
  • Provide expertise & guidance to less senior team members
  • Support Incident Response (IR) and Threat Detection development activities and report to Senior Management ensuring proper awareness and ownership
  • Support the introduction and implementation of new capabilities and IR processes and procedures within the Cyber Fusion Centre
  • Interact closely with Swift's Red Team to further enhance detection capabilities
  • Lead and participate in IR simulation exercises from a blue team perspective
  • Perform proper triage identification and scoping of incidents including identification, investigation, and follow-up of containment actions
  • Participate in the identification, development and communication of IOCs
  • Participate in the identification and coordination of eradication and remediation actions with various stakeholders and ensure timely follow-up.
  • Enhance and tune tools for efficiently managing large collections of security events
  • Stay abreast of changing technologies, emerging cyber threats and attack methodologies

What will make you successful:

Technical Qualifications

  • Bachelor's degree in Computer Science, IT, or related field
  • 8+ years of related working experience in a SOC, Incident Response, or Threat Hunting role
  • Experience performing or leading threat hunting activities
  • Experience with cloud technologies such as Azure, Google Cloud, or AWS
  • Experience with security tools such as SIEM, IDS/IPS, EDR/XDR, SOAR, etc.
  • Ability to learn in a fast-paced, multi-dimensional, technical environment
  • Strong verbal and written communication and the ability to concisely and accurately document technical investigations

Preferred Technical Qualifications:

  • Familiarity with Scripting languages such as PHP, Perl or Python and databases such as MySQL, and knowledge of Unix and Windows.
  • Security certifications such as GIAC GCIA/GCIH, CISSP, or other relevant certifications
  • Knowledge of penetration testing and vulnerability assessment capabilities and tools

The estimated salary range for a new hire in this position in Virginia is $121,564.00 USD Annual MINIMUM to $225,762.00 USD Annual MAXIMUM. Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. Our compensation packages include a competitive base salary and bonus opportunity for all employee92s contingent on personal and company performance. Our generous benefits program includes medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k.

What we offer

We give you the freedom to be yourself. We are creating an environment of unique individuals 93 like you 93 with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone92s voice counts and where you can reach your full potential.

Don92t meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

About Swift

The Society for Worldwide Interbank Financial Telecommunication, legally S.W.I.F.T. SC, is a Belgian cooperative society providing services related to the execution of financial transactions and payments between banks worldwide. Its principal function is to serve as the main messaging network through which international payments are initiated. It also sells software and services to financial institutions, mostly for use on its proprietary "SWIFTNet", and ISO 9362 Business Identifier Codes, popularly known as "SWIFT codes". The SWIFT messaging network is a component of the global payments system. SWIFT acts as a carrier of the "messages containing the payment instructions between financial institutions involved in a transaction." However, the organization does not manage accounts on behalf of individuals or financial institutions, and it does not hold funds from third parties. It also does not perform clearing or settlement functions. After a payment has been initiated, it must be settled through a payment system, such as TARGET2 in Europe. In the context of cross-border transactions, this step often takes place through correspondent banking accounts that financial institutions have with each other. As of 2018, around half of all high-value cross-border payments worldwide used the SWIFT network, and in 2015, SWIFT linked more than 11,000 financial institutions in over 200 countries and territories, who were exchanging an average of over 32 million messages per day.
Learn more about Swift

Similar Jobs

More Jobs at Swift

  • Swift
    Lead SOC Analyst
    $121K — $225K *
    Culpeper, VA 22701 (Culpeper County)
    Information Technology
    In-Person
  • Swift
    Senior Dev/Systems Engineer
    $101K — $188K *
    Manassas, VA 20110 (Manassas City County)
    Information Technology
    In-Person
  • Swift
    Key Account Manager
    $119K — $221K *
    New York, NY 10025 (New York County)
    Finance & Insurance
    In-Person

More Information Technology Jobs

Find similar Lead SOC Analyst jobs: