Technical Analyst

Job Description

The Global Cyber & Information Security function is a part of the Global Technology department. The Global Technology Group function provides IT services to the Fidelity International business. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.Global Cyber & Information Security is made up of the following functions;
• Application Security
• Centralised Access Management
• Infrastructure Security
• Security Engineering and Architecture
• Security Application Support
• Cyber Defence Operations (CDO)
• Information Security (and the ISO function)
Page BreakThe Cyber Defence Operations function at Fidelity International is part of the Global Cyber & Information Security (GCIS) Group, reporting to the Head of Global Cyber & Information Security. Our mission is to develop an intelligence-led, proactive cyber security response to defend Fidelity and its assets from cyber threats, to reduce risk and business impact. We adopt an assumed breach position using multiple in-depth capabilities for protection, detection and response along with established playbooks to enable rapid response when an event occurs.Purpose of your roleThe successful candidate will be experienced in Insider Risk response, understanding the value of a well-developed and maintained Insider Risk platform and how this can enhance an organisations ability to detect and respond to Internal threats. This is a critical role expected to enhance and improve all aspects of Insider Risk, including DLP via email channels, and help mature our monitoring and response processes.The successful candidate will be comfortable working at a deep technical level with a range of Insider Risk tools, proactively deploying new detection capability whilst also being able to ensure continual tuning and optimisations are performed. The successful candidate will be able to demonstrate the value of maintaining sustainable workloads through tuning, correlation and automation; experience in simplifying security response actions and an understanding on how best to maintain relationships that are called upon during critical events. The role will be supported by a global team of Insider Risk specialists, detect & respond analysts and an experienced security engineering team. It will also be supported by a strong security leadership team who are keen to develop our Insider Risk capability underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to significantly improve our Insider Risk programme - a key deliverable for us this year.Key Responsibilities
• Ensure our Insider Risk tool is regularly tuned and maintained
• Respond to Insider Risk events
• Develop and implement new detection capabilities across multiple channels (not just email DLP).
• Perform regular reviews and communicate to management on State-of-capability
• Hold regular workshops with cross-department teams to create new detections ideas
• Build, maintain, and enhance relationships with key stakeholders in other areas of the business in preparation for critical events such as HR, Fraud etc.
Experience and Qualifications
• Experience with Proofpoint DLP Tooling
• Experience and strong understanding of frontline security operations
• Some basic understanding of scripting e.g JavaScript, KQL, C, C, Python, etc
• Understanding of Microsoft technologies and how to best protect them e.g Teams, Sharepoint, Exchange, OneDrive etc.
• Good reporting ability, with an understanding on how to tailor reports to show improvements and usage
• Understanding of how raw security data can flow between technologies and be manipulated to provide useful correlated security information.
• Experience in cloud environments, especially Azure, would be desirable
• Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.
• Banking or Finance industry related experience desirable
Soft skills
• Analytical skills
• Challenge the current processes
• Passion for the cybersecurity field
• Time management
• Able to organize others
Your skills and experience
• At least 2 years of experience working in a SOC or Incident Response position.
• At least 2 years performing Insider Risk or DLP reviews
• At least 1 year performing confidential investigations
• MITRE Att&ck understanding and awareness
• Microsoft Security Control knowledge (Defender for Endpoint, Identity, 365, Azure, Sentinel)
• Knowledge of or experience working with security tools (SIEM, NetFlow, IDS/IPS, Anti-Virus)
• Experience explaining the risk of internal security threats and creating mitigations.
• Experience of general IT infrastructure technologies and principles.
• Understanding of Networking Architecture (OSI Model).
Nice to have
• Experience dealing with security incidents using the NIST framework.
• Nice to Have Certifications - Security, Network, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP
About you About Fidelity InternationalFidelity International offers investment solutions and services and retirement expertise to more than 2.56 million customers globally. As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 locations and with $783.6 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $567 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond.We are committed to being a truly flexible employer, encouraging and trusting our people to perform their role in the way that works best for them, our business, our colleagues and our clients. We offer the maximum possible flexibility over where and when you work for all, considering your role and any local regulations. We call this new approach dynamic working.Find out more about what we do, our history, our new approach of dynamic working and how you could be a part of our future at https://careers.fidelityinternational.com/about-usApplying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen.,

Keyskills :
sqljavatroubleshootingenvironmentsql serverdata centerit servicesmusic makingcentral bankscyber securityrapid responsesecurity tools