IT.Security Analyst

About Citco

JOB DESCRIPTION

Citco is a global leader in fund services, corporate governance and related asset services with staff across 80 offices worldwide. With more than $1 trillion in assets under administration, we deliver end-to-end solutions and exceptional service to meet our clients’ needs.

For more information about Citco, please visit www.citco.com

About The Team & Business Line

Proprietary software solutions and innovation are at the core of what differentiates Citco in the alternative investment space. Through our network of global development centres, Citco invests heavily in technology development, security, and infrastructure to ensure our clients continue to receive award-winning products that underpin our commitment to service excellence.

As a core member of our Security team you will work with dedicated professionals to ensure our clients maintain access to their critical information assets while keeping Citco ahead of industry trends.

Position Description

The SOC Analysts work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security incident investigations. The SOC analyst is responsible for investigating security events by performing the following:

• Monitoring
• Researching
• Classifying
• Analyzing
  
  

The SOC Analyst’s Primary Responsibility Is To Determine What Alerts Or Abnormal Activity Represents a Real Threat To Citco Assets And Data, By Performing Threat Identification, Containment, Eradication, Analysis And Reporting. The SOC Analyst Achieves This By Working With Threat Protection Solutions Like

• Security Incident and Event Management (SIEM)
• Endpoint Protection (EPP)
• Endpoint Detection & Response (EDR) systems
• Email Threat Protection (ETP) platforms
• Security Orchestration, Automation and Response (SOAR) platform
• Intrusion Prevention Systems (IPS) or NGFW’s
• Others
  
  

The SOC Analyst is expected to understand fundamental networking and security principles as well as be familiar with common network and endpoint security threat protection solutions. A strong candidate will have a proven understanding of current cyber threats, threat intelligence and an understanding of attack trends relevant to an enterprise environment.

Security Analysts work with and learn from experienced security team leaders and use the latest technology to detect, analyze and limit intrusions and security events. Candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem solving skills and allow for flexible scheduling. The SOC Analyst must be competent to work at a high technical level, have a good understanding of threat routes/pathways, identification of potential/active threats, and understand how threat vectors can impact the environment.

Organizational Relations

This position is within the IT Security group which is responsible for overseeing information security within Citco.

Responsibilities

Your Role:

• Monitors and analyzes Intrusion Prevention Systems (IPS) and Security Information and Event Management (SIEM) to identify security issues for remediation
• Performs network and endpoint security monitoring and incident response
• Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies
• Creates, modifies, and updates Security Information Event Management (SIEM) rules
• Escalates alerts regarding intrusions and compromises to the network infrastructure, applications and operating systems
• Assists with analysis of threat data obtained from proprietary and open source resources to provide indication and warnings of impending attacks against networks within the relevant vertical
• Prepares briefings for SOC Manager and reports of analysis methodology and results
• Creates and maintains standard operating procedures and other similar documentation
• Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
• Work independently with or without direction and/or supervision
• Demonstrate effective teamwork and working relationships with others, both from CITCO and security vendors
• Other projects and responsibilities, as assigned by direct supervisor
  
  

Qualifications

About You:

• 1-2 years experience in an in-house Security Operations Center team, or in an Security Consulting firm with an understanding of networking principles in a global environment across multiple data centers
• Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment, as well as may be expected to work holidays.
• A strong candidate is expected to have some or all of the following traits:
• EXCELLENT ANALYTICAL AND PROBLEM SOLVING SKILLS AND INTERPERSONAL SKILLS TO INTERACT WITH TEAM MEMBERS AND UPPER MANAGEMENT
• AN UNDERSTANDING OF CYBER SECURITY INCIDENT RESPONSE AND NETWORK SECURITY MONITORING
• FUNDAMENTAL UNDERSTANDING OF COMPUTER NETWORKING (TCP/IP), KNOWLEDGE OF WINDOWS, LINUX AND CISCO OPERATING SYSTEMS AND INFORMATION SECURITY PRINCIPLES
• KNOWLEDGE OF INTRUSION DETECTION/PREVENTION SYSTEMS (IDS/IPS) AND SIEM TECHNOLOGIES IN AN ENTERPRISE ENVIRONMENT
• GOOD KNOWLEDGE OF ENDPOINT PROTECTION (EPP) AND ENDPOINT DEFENSE AND RESPONSE (EDR) SOLUTIONS
• FAMILIARITIY WITH SYSINTERNALS TOOLS
• DRIVE TO LEARN AND A DESIRE AND MONTIVATION TO ACHIEVE IT SECURITY RELATED CERTIFICATIONS
  

Our Benefits

Your well being is of paramount importance to us, and central to our success. We provide a range of benefits, training and education support, and flexible working arrangements to help you achieve success in your career while balancing personal needs. Ask us about specific benefits in your location.

We recognize diversity as a source of organizational pride and strength. We have made it a priority to reflect our nation’s evolving diversity in the people we hire, and the culture we create in our organization.

Citco welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection.