Cyber Investigation and Response Analyst
G-Research is Europe’s leading quantitative finance research firm. We hire the brightest minds in the world to tackle some of the biggest questions in finance. We pair this expertise with machine learning, big data, and some of the most advanced technology available to predict movements in financial markets.
We are looking for a Cyber Investigation and Response Analyst to work as part of our CSIRT (Cyber Security Investigation and Response Team). This is a fantastic opportunity to work on multiple different aspects of security, with responsibilities ranging from alert triage to threat intelligence.
The successful candidate will be working with a whole host of different technologies across a combination of on-premise, hybrid cloud, and cloud native environments. This is a unique opportunity for someone with a strong grounding in a Security Operations Centre (SOC) environment to move into a new phase of their career, with growth and diversification opportunities into Incident Response, Threat Intelligence or even Security Engineering.
Key responsibilities of the role include:
- Investigating and responding to malicious and suspicious activity in the G-Research network
- Monitoring, triaging, and responding to security alerts
- Developing, deploying, and documenting new detection techniques
- Configuring security monitoring tools
- Assessing threats and providing data collection and monitoring recommendations for new systems and applications within the environment
- Advancing CSIRT capabilities by providing input and feedback to Security Engineering, Security Data Engineering, and Security Data Science teams
Who are we looking for?
This role will suit someone with drive, energy and a passion for Cyber Security. A part of this role will also include mentoring and coaching across the team.
The ideal candidate will have:
- Previous SOC experience and mature understanding of security incident response and investigation
- Azure Sentinel stack experience
- Strong alert triage and detection engineering experience
- Experience with threat intelligence
- Experience monitoring for insider threats and working in a Cloud computing environment
- The ability to document and articulate impact, timeline, and outcome of an incident to both technical and non-technical audiences
- Strong attention to detail and an inquisitive mind-set
The following skills/experience would also be beneficial:
- Hybrid cloud experience
- Python knowledge
- Knowledge of cutting-edge big data technologies and how to work with them (HDFS, Spark, Jupyter notebooks, Kibana)
Why should you apply?
- Highly competitive compensation plus annual discretionary bonus
- Informal dress code and excellent work/life balance
- Comprehensive healthcare and life assurance
- 25 days holiday
- 9% contributory pension scheme
- Cycle-to-work scheme
- Subsidised gym membership
- Monthly company events
- Central London office close to 5 tube stations and 6 tube lines