Tower Research Capital, a high-frequency proprietary trading firm founded in 1998, seeks a Security Operations Analyst to join our Global Cybersecurity team.
As part of the Global Cybersecurity team, individual(s) will work to continually improve the security posture and service by monitoring, identifying and correcting security gaps and countermeasures.
- Monitor alerts for potential security incidents and requests for information. This includes, but not limited to monitoring of real-time channels, tools, dashboards, periodic reports, chat sessions, and tickets.
- Follows incident-specific procedures to perform basic triage of said potential security incidents to determine their nature and priority and eliminate obvious false positives and process requests for information.
- Escalate potential security incidents to senior analysts and implement countermeasures/mitigating controls.
- Serve as a subject matter expert in at least one security-related area (e.g. Malware re-engineering, Cloud Security, Phishing, Deception etc)
- Coordinate with stakeholders with supporting third party security service providers to triage alerts, events or incidents.
- Monitor and analyze Security Information and Event Management (SIEM) to identify security issues for remediation.
- Knowledge of creating Security Information Event Management (SIEM) policy rulesets.-Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
- Interface with a variety of customers in a polite, positive, and professional manner.
- Documents all actions taken in a ticketing system
- Total industry experience of 3-6 Years with a minimum of three years in the Information Security / Cybersecurity domain with a focus on security event monitoring and analysis.
- This role is to make sure there is weekend coverage for the InfoSec team to cover Crypto trading. So this person will need to be working on Saturday/Sunday with the other days being flexible.
- Proven track record and experience of the following in a highly complex and global organization:
- Analyzing detected security events
- Performing triage of potential security incidents
- Certifications: Professional security management certification preferred, such as Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH).
- Experience with the technologies including, but not limited to SIEM, IDS/IPS, Network/Host based firewalls, data leakage prevention (DLP).
- Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
- Experience scripting in a major language (python/bash/powershell)
- Willing to work on any of three shifts to offer 24 hours support service.
- Understanding of common network devices such as routers, switches.
- Understanding of basic networking protocols such as IP, DNS, HTTP.
- Excellent written and verbal communication skills, interpersonal and collaborative skills.
- Strong analytical and problem-solving skills.
- Self-motivated to improve knowledge and skills.
- A strong desire to understand the what / why / how of security incidents.
Tower’s office is located in Downtown Montreal and is easily accessible by public transportation. While we work hard, Tower’s cubicle-free workplace, jeans-clad workforce, and well-stocked kitchens reflect the premium the firm places on quality of life. Benefits include:
- Competitive salary and performance-based bonuses
- 5 weeks of paid vacation per year
- Lunch and snacks on a daily basis
- Reimbursement for health and wellness expenses
- Free events and workshops