Job Description

About the Opportunity Job Type: Permanent Application Deadline: 31 July 2023 Title: Cyber Security - Technical Specialist, Cyber Defence Operations Department: FIL - Cyber Defence Operations Location: India, Bangalore Reports To: Detection Engineering & Automation Manger - CDO (UK) Level : 4 We\'re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this By working together - and supporting each other - all over the world. So, join FIL - Cyber Defence Operations and feel like you\'re part of something bigger. Department Description The Global Cyber & Information Security function is a part of the Global Technology department. The Global Technology Group function provides IT services to the Fidelity International business. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation. Global Cyber & Information Security is made up of the following functions Application Security Centralised Access Management Infrastructure Security Security Engineering and Architecture Security Application Support Cyber Defence Operations (CDO) Information Security (and the ISO function) The Cyber Defence Operations function at Fidelity International is part of the Global Cyber & Information Security (GCIS) Group, reporting to the Head of Global Cyber & Information Security.Our mission is to develop an intelligence-led, proactive cyber security response to defend Fidelity and its assets from cyber threats,toreduce risk andbusinessimpact. We adoptan\'assumed breach\'positionusingmultiple in-depthcapabilities forprotection,detectionand responsealong withestablishedplaybookstoenablerapidresponsewhen an event occurs. Purpose of your role The successful candidate will be experienced in security operations, understanding the value of automated security actions and how this can enhance an analysts response to events. This is a critical role expected to build and maintain our security control portfolio and help mature our monitoring and response processes. The successful candidate will be comfortable working at a deep technical level, proactively suggesting and implementing control improvements whilst also being able to prioritise backlog engineering work (mainly sourced from our front-line SOC team). The successful candidate will be able to demonstrate understanding of frontline security analysts workloads, experience in simplifying and automating security actions and an understanding on how best to maintain security tooling. The role will be supported by a strong security leadership team who are keen to develop our controls underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to significantly decrease our time to respond - a key KPI for us. Key Responsibilities . Ensure controls are kept up to date, analysing and utilising new features as they are released . Working as part of a global engineering team to deliver high priority tickets items . Proactively improve our front-line teams BAU activities . Focus on quick-wins that can immediately help free up analyst time . Create regular workshops to obtain suggestions and demonstrate improvements . Ensure our security controls are integrated with each other - sharing information rather than silo\'d controls . Working with other security teams to look at how we can use their data to enhance our own monitoring Experience and Qualifications . Experience and strong understanding of frontline security operations . Competent in scripting languages required for automation e.g KQL, C, C++, Java, Python, etc . Experience managing an EDR, SIEM or SOAR platform . Some reporting ability, with an understanding on how to tailor reports to show capacity and efficiency improvements . Familiarity with how to build controls in a scalable easily maintainable way . In depth understanding of modern security automation technologies . Understanding of how raw security data can flow between technologies and be manipulated to provide useful security information. . Experience in Azure or AWS cloud environments . Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements. . Banking or Finance industry related experience desirable . Security Engineering certifications preferred Soft skills Analytical skills Challenge the current processes Passion for the cybersecurity field Time management Able to organize others Your skills and experience At least 2 years of experience working in a SOC or Incident Response position. Knowledge of or experience working with security (SIEM, NetFlow, IDS/IPS, Anti-Virus) Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL. Understanding of Networking Architecture (OSI Model). Experience using data science or advance analytical tools to solve security incidents. Ability to automate tasks using scripting on both Windows and Linux systems. Programming experience (PowerShell, Bash, Python, JavaScript) Nice to have Experience dealing with security incidents using the NIST framework. Nice to Have Certifications - Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP Experience in ServiceNow Security Operations Module Feel rewarded For starters, we\'ll offer you a comprehensive benefits package. We\'ll value your wellbeing and support your development. And we\'ll be as flexible as we can about where and when you work - finding a balance that works for all of us. It\'s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

foundit