Principal Cybersecurity Analyst
4.
0 2 days ago Full Job Description
Job Description:
The Role Principal Cybersecurity Analyst Looking for an energetic, hard charging individual able to keep up in an exciting and fast-moving security operations team that is engaged in several high-profile security projects to enhance Fidelity's security posture.
The candidate will be immersed in a quick changing environment in a very rapid changing threat landscape, working with numerous security professionals.
The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.
The job involves performing functions related to Network and Perimeter specialized Security Architect including Web Application Firewall, Email Security, Network and cloud security architecture assessment, Cyber Incident Response, Change Management.
The Team The Principal Cybersecurity Analyst will be working on external defense team to ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information.
This role will assist and coordinate with incident response staff, threat intelligence, vulnerability management, and perimeter security teams during response activities and cyber investigations.
This position works closely with our ISO for each Business Unit and directly with internal and external customers.
The Expertise You Have Technical:
Network & Perimeter security Expert with an outstanding understanding of the latest practices and trends in edge security.
Evaluate, deploying and managing Akamai / AWS / Azure Web Application Firewall security configuration.
Advance experience on Splunk or other SIEM (Security information and event management) Monitoring.
Log Analysis Expertise - Web logs, NetFlow and Packet Analysis Strong experience in Web application firewall and API Security.
Good knowledge of Email Security (EOP), Email Security Network IDS/IPS, WAF, DDoS Control and Cloud Security Analyzing web traffic patterns to improve protections.
Reviewing policy enforcement change requests; interviewing submitters who have requested security configuration changes and require additional requirements gathering.
Knowledge of Agile, Cloud security, DevSecOps, Open Source and a programming language is of substantial advantage Behavioral Positive personality and can-do attitude; you also have good communication skills with an excellent command of the English language.
Open-minded, empathic and a team-mate with a partnering approach and an enthusiastic and motivated personality, with demonstrated experience in solving complex challenges Intellectually curious and therefore remain abreast of new technologies and developments relating to technical products that might be used enterprise wide and software delivery methodologies Proficient in balancing business partner views and interests Senior technical and non-technical Stake holder management skills The Skills You Bring 6 to 8 years of security experience desired, preferably in a matrix-driven corporate environment.
Security experience with any WAF provider, API definitions, custom rules, writing bot management rules and analyzing traffic logs.
Proven experience troubleshooting and simulating HTTP client requests (e.
g.
, curl, postman, HAR file analysis).
Strong understanding of core networking concepts (e.
g.
- TCP/IP, DNS, HTTP, proxy, load-balancing, etc.
).
Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies.
Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments.
Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
Functional understanding of network controls and policies to stop cyber threats.
Familiarity with external facing security controls that can stop external attacks that may occur:
such as WAF tuning, Bot management, API protection, network policy governance, troubleshooting, and incident response.
Familiarity with criminal activities and the attacks that may occur in each layer of the OSI model.
Ability to make information security risk determinations based on intelligence analysis.
Understanding cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest.
Shift timings Rotational shifts between 8 am to 11 pm (sometimes including weekend) Education and Certification Bachelor's degree in computer science or in lieu of:
Industry certifications in cyber security incident management, such as, Certified Information Systems Security Professional (CISSP), GIAC and other related credentials.
Certifications:
Company Overview Fidelity Investments is a privately held company with a mission to strengthen the financial well-being of our clients.
We help people invest and plan for their future.
We assist companies and non-profit organizations in delivering benefits to their employees.
And we provide institutions and independent advisors with investment and technology solutions to help invest their own clients' money.
Join Us At Fidelity, you'll find endless opportunities to build a meaningful career that positively impacts peoples' lives, including yours.
You can take advantage of flexible benefits that support you through every stage of your career, empowering you to thrive at work and at home.
Honored with a Glassdoor Employees' Choice Award, we have been recognized by our employees as a Best Place to Work in 2023.
And you don't need a finance background to succeed at Fidelity--we offer a range of opportunities for learning so you can build the career you've always imagined.
At Fidelity, our goal is for most people to work flexibly in a way that balances both personal and business needs with time onsite and offsite through what we're calling Dynamic Working.
We invite you to Find Your Fidelity at fidelitycareers.
com.
Fidelity Investments is an equal opportunity employer.
We believe that the most effective way to attract, develop and retain a diverse workforce is to build an enduring culture of inclusion and belonging.
Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process.
To initiate a request for an accommodation, contact the HR Accommodation Team by sending an email to accommodations @fmr.
com, or by calling 800-835-5099, prompt 2, option 3.
We welcome those with experience in jobs such as Senior Accountant, Financial Analyst, and Accounts Receivable Clerk and others in the Accounting and Finance to apply.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
0 2 days ago Full Job Description
Job Description:
The Role Principal Cybersecurity Analyst Looking for an energetic, hard charging individual able to keep up in an exciting and fast-moving security operations team that is engaged in several high-profile security projects to enhance Fidelity's security posture.
The candidate will be immersed in a quick changing environment in a very rapid changing threat landscape, working with numerous security professionals.
The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.
The job involves performing functions related to Network and Perimeter specialized Security Architect including Web Application Firewall, Email Security, Network and cloud security architecture assessment, Cyber Incident Response, Change Management.
The Team The Principal Cybersecurity Analyst will be working on external defense team to ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information.
This role will assist and coordinate with incident response staff, threat intelligence, vulnerability management, and perimeter security teams during response activities and cyber investigations.
This position works closely with our ISO for each Business Unit and directly with internal and external customers.
The Expertise You Have Technical:
Network & Perimeter security Expert with an outstanding understanding of the latest practices and trends in edge security.
Evaluate, deploying and managing Akamai / AWS / Azure Web Application Firewall security configuration.
Advance experience on Splunk or other SIEM (Security information and event management) Monitoring.
Log Analysis Expertise - Web logs, NetFlow and Packet Analysis Strong experience in Web application firewall and API Security.
Good knowledge of Email Security (EOP), Email Security Network IDS/IPS, WAF, DDoS Control and Cloud Security Analyzing web traffic patterns to improve protections.
Reviewing policy enforcement change requests; interviewing submitters who have requested security configuration changes and require additional requirements gathering.
Knowledge of Agile, Cloud security, DevSecOps, Open Source and a programming language is of substantial advantage Behavioral Positive personality and can-do attitude; you also have good communication skills with an excellent command of the English language.
Open-minded, empathic and a team-mate with a partnering approach and an enthusiastic and motivated personality, with demonstrated experience in solving complex challenges Intellectually curious and therefore remain abreast of new technologies and developments relating to technical products that might be used enterprise wide and software delivery methodologies Proficient in balancing business partner views and interests Senior technical and non-technical Stake holder management skills The Skills You Bring 6 to 8 years of security experience desired, preferably in a matrix-driven corporate environment.
Security experience with any WAF provider, API definitions, custom rules, writing bot management rules and analyzing traffic logs.
Proven experience troubleshooting and simulating HTTP client requests (e.
g.
, curl, postman, HAR file analysis).
Strong understanding of core networking concepts (e.
g.
- TCP/IP, DNS, HTTP, proxy, load-balancing, etc.
).
Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies.
Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments.
Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
Functional understanding of network controls and policies to stop cyber threats.
Familiarity with external facing security controls that can stop external attacks that may occur:
such as WAF tuning, Bot management, API protection, network policy governance, troubleshooting, and incident response.
Familiarity with criminal activities and the attacks that may occur in each layer of the OSI model.
Ability to make information security risk determinations based on intelligence analysis.
Understanding cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest.
Shift timings Rotational shifts between 8 am to 11 pm (sometimes including weekend) Education and Certification Bachelor's degree in computer science or in lieu of:
Industry certifications in cyber security incident management, such as, Certified Information Systems Security Professional (CISSP), GIAC and other related credentials.
Certifications:
Company Overview Fidelity Investments is a privately held company with a mission to strengthen the financial well-being of our clients.
We help people invest and plan for their future.
We assist companies and non-profit organizations in delivering benefits to their employees.
And we provide institutions and independent advisors with investment and technology solutions to help invest their own clients' money.
Join Us At Fidelity, you'll find endless opportunities to build a meaningful career that positively impacts peoples' lives, including yours.
You can take advantage of flexible benefits that support you through every stage of your career, empowering you to thrive at work and at home.
Honored with a Glassdoor Employees' Choice Award, we have been recognized by our employees as a Best Place to Work in 2023.
And you don't need a finance background to succeed at Fidelity--we offer a range of opportunities for learning so you can build the career you've always imagined.
At Fidelity, our goal is for most people to work flexibly in a way that balances both personal and business needs with time onsite and offsite through what we're calling Dynamic Working.
We invite you to Find Your Fidelity at fidelitycareers.
com.
Fidelity Investments is an equal opportunity employer.
We believe that the most effective way to attract, develop and retain a diverse workforce is to build an enduring culture of inclusion and belonging.
Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process.
To initiate a request for an accommodation, contact the HR Accommodation Team by sending an email to accommodations @fmr.
com, or by calling 800-835-5099, prompt 2, option 3.
We welcome those with experience in jobs such as Senior Accountant, Financial Analyst, and Accounts Receivable Clerk and others in the Accounting and Finance to apply.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
