LOCATION: WESTPORT, CT
DURATION: 9+ MONTHS WITH RIGHT TO HIRE
The Security Division is responsible for protecting the company's people, culture, and ideas, specifically its investment engine, which manages over $150 billion in assets for institutional clients across the globe, including public and corporate pension funds, university endowments, charitable foundations, sovereign wealth funds, and central banks. We are implementing a three-pronged structure of staff, cyber, and physical security and investing in world-class practitioners and cutting-edge technology to help us hold the highest standards in the ever-changing threat landscape. We're committed to becoming the most innovative and formidable security team in the world.
The Security Monitoring Analyst is the last line of defense for cyber security, responsible for building and operating the system to monitor all activity on our network and hunting for malicious activity based on our most current understanding of the threat environment. Analysts are responsible for understanding and remediating malicious activity found on our network as the main actors in any cyber incident response. Further, Security Monitoring Analysts engage frequently with our engineering teams to deploy and configure new security tools that the Monitoring Analysts will operate as we strive to constantly improve our capabilities. Finally, Analysts work with external experts to understand new developments in the industry and push our Security Operations Center to the leading edge of the field.
- Monitor for and investigate internal and external threats leveraging best of breed technologies, surrounded by world class analysts
- Quickly correlate multiple data sources and apply various analytical techniques to determine the best remediation strategy, and perform remediation until incident is contained or resolved
- Isolate, review, analyze and reverse-engineer suspicious or malicious software recovered from compromised hosts and produce highly accurate and concise technical reports identifying the capabilities of discovered malware
- Build and own tools for monitoring, auditing, logging, forensics, and analysis as well as the automation and systemization of those activities
- Continually keep up to date with current trends, tactics, and vulnerabilities in the security space through a demonstrated hunger and passion for the industry
- Troubleshoot Forcepoint proxy issues, including but not limited to decryption, authentication, and site filtering
- Bachelor’s degree or higher in Information Technology or related field
- Minimum of five (5) years of Information Security experience, including IDS, malware sandboxes, and handling of incidents in an enterprise environment
- Experience working in a dynamic and collaborative environment; able to discuss complex and technical topics with both technical and non-technical colleagues
- Excellent analytical and problem-solving skills
- Ability to leverage both open-source and commercial tooling to quickly close investigations
- Security minded and detail oriented
- In-depth knowledge of and experience with networking/routing
- Knowledge of network devices and packet flow
- Wireshark or similar packet capturing knowledge
- Deep knowledge of web proxies (Forcepoint/Websense, Symantec/Blue Coat, McAfee, etc.)
- Knowledge and experience with SMTP protocol and mail flows
- Technical Writing Experience
- Excellent communication skills (client-facing)
- Understanding of HTTPS and ability to troubleshoot communications through a proxy
- Understanding of authentication methods and how to troubleshoot issues involving them
- Knowledge of Linux (CentOS / Red Hat) environments a plus
- Data Security and Regulatory Compliance a plus
- Splunk or SIEM experience a plus
- Cloud technologies such as AWS, Azure, etc.
- Scripting/Programming (Python, PowerShell, Lua, C, etc.)
- Offensive as well as defensive security tools and operations
Technical Resource Manager | MatchPoint Solutions | Office 925-829-7755 | Email email@example.com