Cyber Security - Technical Specialist
Gurgaon Office
Fidelity International
Fidelity International offers investment solutions and retirement expertise to institutions, individuals and their advisers around the world.
Job Description
Title: Cyber Security - Technical Specialist, Cyber Defence Operations
Department: FIL – Cyber Defence Operations
Location: Gurgaon
Reports To: Detection Engineering & Automation Manager - CDO (UK)
Level: 4
We’re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our team and feel like you’re part of something bigger.
Department Description
The Global Cyber & Information Security function is a part of the Global Technology department. The Global Technology Group function provides IT services to the Fidelity International business. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day-to-day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Global Cyber & Information Security is made up of the following functions:
- Application Security
- Centralised Access Management
- Infrastructure Security
- Security Engineering and Architecture
- Security Application Support
- Cyber Defence Operations (CDO)
- Information Security (and the ISO function)
The Cyber Defence Operations function at Fidelity International is part of the Global Cyber & Information Security (GCIS) Group, reporting to the Head of Global Cyber & Information Security. Our mission is to develop an intelligence-led, proactive cyber security response to defend Fidelity and its assets from cyber threats, to reduce risk and business impact. We adopt an ‘assumed breach’ position using multiple in-depth capabilities for protection, detection and response along with established playbooks to enable rapid response when an event occurs.
Purpose of the Role
The successful candidate will be experienced in security operations, understanding the value of cloud security and how this can enhance Fidelity's security in cloud operations. This is a critical role expected to build and maintain our security control portfolio and help mature our monitoring and response processes.
The successful candidate will be comfortable working at a deep technical level, proactively suggesting and implementing control improvements whilst also being able to prioritise backlog engineering work (mainly sourced from our front-line SOC team). The successful candidate will be able to demonstrate understanding of frontline security analysts' workloads, experience in simplifying and automating security cloud actions and have an understanding of how best to maintain security tooling. The role will be supported by a strong security leadership team who are keen to develop our controls underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to significantly increase cloud knowledge within the department, a key focus for us as Fidelity transitions to cloud environments.
Key Responsibilities
• Ensure controls are kept up to date, analysing and utilising new features as they are released in Cloud
• Working as part of a global engineering team to deliver high-priority ticket items
• Proactively improve our front-line team's BAU activities
• Ensure an understanding of cloud architecture within Fidelity to better support security tooling/tuning
• Create regular workshops to obtain suggestions and demonstrate improvements
• Ensure our security controls are integrated with each other - sharing information rather than siloed controls
• Working with other security teams to look at how we can use their data to enhance our own monitoring
Experience and Qualifications Required
• Must have experience in Azure and AWS cloud environments and tooling
• Experience and strong understanding of frontline security operations
• Competent in scripting languages required for automation, e.g. KQL, Python, PowerShell etc.
• Experience managing an EDR, SIEM or SOAR platform
• Some reporting ability, with an understanding of how to tailor reports to show capacity and efficiency improvements
• Familiarity with how to build controls in a scalable, easily maintainable way
• In-depth understanding of modern cloud security technologies
• Understanding of how raw security data can flow between technologies and be manipulated to provide useful security information.
• Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.
• Banking or Finance industry related experience desirable
• Security Engineering certifications preferred
Soft skills
- Analytical skills
- Challenge the current processes
- Passion for the cybersecurity field
- Time management
- Able to organize others
Your skills and experience
- At least 2 years of experience working as a cyber security engineer.
- Knowledge of or experience working with security (Cloud, SIEM, NetFlow, IDS/IPS, Anti-Virus)
- Experience explaining the risk of security threats and creating mitigations using frameworks
- Experience of general IT infrastructure technologies and principles.
- Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL.
- Understanding of Networking Architecture (OSI Model).
- Experience using data science or advanced analytical tools to solve security incidents.
- Ability to automate tasks using scripting on both Windows and Linux systems.
- Programming experience (PowerShell, Bash, Python, JavaScript)
- Knowledge in AWS Cloud, Azure Cloud
- Knowledge in Infrastructure as Code, i.e. Terraform
Nice to have
- Experience dealing with security incidents using the NIST framework.
- Certifications - Security+, Network+, Cloud+, GCIA, GMON, GDSA, GCLD, GPCS, SSCP, OSCP
Feel rewarded
For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.