Cyber Defence Operations (APAC) Technical Analyst

Job Description

About the opportunityDepartment DescriptionThe Cybersecurity function is a part of the Global Business Solutions Risk (GBS) & Cybersecurity department, within the GBS group. The GBS Group function provides IT services to the Fidelity International business, globally. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation. GBS Risk & Cybersecurity is responsible for:Cybersecurity: Protecting the Technology Environment from internal and external security threats,Application Security (through secure coding practices, penetration testing, and developer training)Centralised Access Management working to principles of least privilege, access appropriate to role, and Role Based Access ControlInfrastructure SecuritySecurity Engineering and ArchitectureSecurity Application SupportCyber Defence Operations (CDO)Information Security Risk ManagementTechnology Risk and Audit Management,Technology Service ContinuityPurpose of the RoleThe Cyber Defence Operations team has a requirement for day-to-day management of security tools used to respond to malware and other security related incidents. The technologies include, but are not limited to, Advanced malware detection, DDoS, IPS, anti-spam, threat intelligence and logging/analytics capabilities. The ideal candidate has experience of not only using a wide range of technologies to respond to security events, but also supporting ongoing maintenance of the tools. Key ResponsibilitiesSecurity toolsConduct research, analysis, and correlation across a wide variety of all source data sets (e.g., indications and warnings)Use provided tools to perform continual monitoring and analysis of system activity to identify malicious activity and configure mitigationsCoordinate with other departments to manage and administer the updating of rules and signatures (e.g. intrusion detection/protection systems, anti-virus, and content blacklists) for specialized applications.Coordinate with enterprise-wide Networks teams to validate network alertsEmploy approved defence-in-depth principles and practices (e.g., defence-in-multiple places, layered defences, security robustness)Recommend computing environment vulnerability correctionsIdentity and correct inconsistencies or complications in processTriage events including malicious activity and incidents of concernAnalyse identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and informationReceive and analyse network alerts from various sources within the enterprise and determine possible causes of such alertsAssist in determining appropriate course of action in response to identified and analysed anomalous network activityAnalyse network traffic to identify anomalous activity and potential threats to network resourcesDocument and escalate incidents (including event s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environmentProvide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activitiesPerform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attackReporting, monitoring & supportIdentify potential conflicts with implementation of any tools within CDO area of responsibility (e.g., tool/signature testing and optimization)Provide summary reports of network events and activity relevant to CDOPerform trend analysis and reportingMonitor external data sources (e.g. vendor sites, Computer Emergency Response Teams, SANS, Open Source and Private feeds) to maintain currency of threat condition and determine which security issues may have an impact on the enterpriseSupport weekly reporting activities on a rotational basis for the CDO functionExperience and Qualifications RequiredExperience and strong understanding of frontline security operations Understanding of modern security attack techniques and how best to detect them Understanding of how raw security data can flow between technologies and be manipulated to provide useful security detetction information. Experience in cloud environments would be desirable Strong communication skills with evidence of being in a position responsible for providing input into other teams and turning this into measurable improvements. Banking or Finance industry related experience desirable Soft skills Analytical skills Challenge the current processes Passion for the cybersecurity field Time management Able to organize othersYour skills and experience At least 2 years of experience working in a SOC or Incident Response position. Knowledge of or experience working with security (SIEM, NetFlow, IDS/IPS, Anti-Virus) Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL. Understanding of Networking Architecture (OSI Model). Experience using data science or advance analytical tool. Programming experience (PowerShell, Bash, Python, JavaScript)Nice to have Experience dealing with security frameworks such as NIST and MITRE Nice to Have Certifications - Security, Network, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCPAbout you About Fidelity InternationalWe ve been helping our clients plan and save for the futures they want for over 50 years. From more than 25 locations around the world, we provide investment services and retirement expertise to 2.5 million clients everyone from central banks and financial institutions to wealth managers and private individuals. We think generationally and look to the long term. And today, building on the security of private ownership and our strong sense of purpose, we re growing our business like never before.What it s like to work here.In our welcoming, caring culture, you ll feel valued, trusted and free to express yourself. We recognise the value of inclusion and diversity in culture, in thought and in experience. With this in mind, please let us know if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond.As well as a clear commitment to inclusion, we offer real flexibility about where, when and how you work. It s an approach we call dynamic working , and you ll find it brings the very best out in you.Getting startedFor more about who we are, how we work and the part you could play in both our progress and our future, visit careers.fidelityinternational.com .Or, if you re feeling inspired, start your journey with us right now.APPLYApplying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen.,

Keyskills :
javadata sciencedata centerit servicestroubleshootingenvironmentsql serversql