Information Security Analyst

Description:

Company Background:

The LMAX Group is a global financial technology company which operates multiple institutional execution venues for FIAT and digital currency trading.

Servicing brokers, funds, corporates, asset managers and banks, LMAX Group delivers a unique vision for global FX and cryptocurrency trading - a transparent, neutral, level playing field for all market participants, regardless of status, size or activity levels.

Purpose:

LMAX Group is seeking a Security Analyst to join our highly skilled team of enthusiasts. We are looking for someone who is passionate about security and eager to broaden their skills in security engineering, threat hunting, and automation.

As a Security Analyst, you will play an important role within the Security Operations Centre (SOC), dealing with detected security events and conducting in-depth analysis. We value individuals with 2 to 5 years of proven experience in the field of Cyber defense, possessing knowledge of attack methods and expertise with cyber security technologies.

Key Responsibilities:

  • Triage security events, conduct detailed investigations, and research security incidents. Provide detailed technical reports on incidents and suggest capability improvements.
  • Support incident response efforts, including forensic investigations, alongside recovery and reporting activities.
  • Maintain high visibility into the company's estate for security events, filtering out false positives.
  • Support the business with technical issues or queries, alongside the other functions inside the Technology department.
  • Ensure internal support requests are dealt with in a timely manner, and contribute to knowledge sharing across technology and business teams.
  • Generate reports on key metrics, processes, and procedures to demonstrate auditability to regulators and internal stakeholders.
  • Collaborate closely with the Threat Hunting team to research and enhance the company's ability to detect custom attacks.
  • Design and maintain security controls and associated processes in accordance with security compliance requirements.
  • Work with the Governance and Operational Risk division to support continuous auditing of the company's security controls and related processes, including keeping the LMAX Risk Register relevant and up to date.
  • Educate employees on security awareness to improve the overall security posture.
  • Take a proactive approach to vulnerability management, prioritizing and communicating vulnerability announcements, conducting scanning and remediation activities, and ensuring complete asset inventory.

Requirements:

Experience and skills:

Technical Skills

  • Experience working within a Security Operations Centre (SOC) and associated technologies (SIEM, IPS/IDS, EDR, UEBA, etc).
  • Experience in triaging and remediating security incidents.
  • Familiarity with automation and scripting (Python, Bash, etc.).
  • Comprehensive knowledge of computer and communications security principles, networking, and vulnerabilities in modern operating systems and applications.
  • Working knowledge of Linux - it will be your desktop.
  • Understanding of cryptography.
  • Knowledge of networking and TCP/IP, including the ability to read packet captures.
  • Proficiency in computer security tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Spyware, etc.).
  • Ability to work independently towards team objectives.
  • Strong interpersonal and communication skills.
  • Awareness of legislation and frameworks such as GDPR, ISO 27001, NIST CSF.
  • Solid knowledge and experience in monitoring threats in a cloud environment.
  • Working knowledge of Azure Sentinel SIEM.
  • Understanding of Security Orchestration, Automation and Response (SOAR) concepts and their benefits.
  • Industry-leading certification in Cybersecurity, such as GCIA, GNFA, GCIH.
  • Knowledge of web application vulnerabilities.
  • Experience with Web Filtering and Data Loss Prevention tools.
  • Experience within the finance sector.

Any of the following would help you stand out from other candidates:

Soft Skills:

  • Genuine enthusiasm for security and open-source technologies (we love open-source).
  • Positive, constructive and open-minded attitude, with a continuous learning mindset.
  • Systematic problem-solving approach, coupled with a strong sense of ownership and drive.
  • Practical approach to managing time and workload to ensure that required tasks are completed in a timely fashion.
  • Ability to understand business processes and translate those into detections within the SOC.
  • Good documentation and communication skills to communicate with a global team.
Location:
London
United Kingdom
Contract:
Full-time