Cyber Security - Technical Specialist

About the OpportunityJob Type: Permanent

Application Deadline: 30 April 2024

Job Description

           

Title: Cyber Security - Technical Specialist, Cyber Defence Operations                                              

Department: FIL – Cyber Defence Operations

Location: Gurgaon

Reports To: Detection Engineering & Automation Manger - CDO (UK)           

                                                                                               

Level : 4

We’re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our team and feel like you’re part of something bigger.

Department Description

The Global Cyber & Information Security function is a part of the Global Technology department.  The Global Technology Group function provides IT services to the Fidelity International business.  These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions.  The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.   

 Global Cyber & Information Security is made up of the following functions; 

• Application Security  
• Centralised Access Management  

• Infrastructure Security 
• Security Engineering and Architecture 
• Security Application Support 
• Cyber Defence Operations (CDO) 
• Information Security (and the ISO function) 

The Cyber Defence Operations function at Fidelity International is part of the Global Cyber & Information Security (GCIS) Group, reporting to the Head of Global Cyber & Information Security. Our mission is to develop an intelligence-led, proactive cyber security response to defend Fidelity and its assets from cyber threats, to reduce risk and business impact. We adopt an ‘assumed breach’ position using multiple in-depth capabilities for protection, detection and response along with established playbooks to enable rapid response when an event occurs.

Purpose of the Role

The successful candidate will be experienced in security operations, understanding the value of cloud security and how this can enhance fidelitys security in cloud operations. This is a critical role expected to build and maintain our security control portfolio and help mature our monitoring and response processes.

The successful candidate will be comfortable working at a deep technical level, proactively suggesting and implementing control improvements whilst also being able to prioritise backlog engineering work (mainly sourced from our front-line SOC team). The successful candidate will be able to demonstrate understanding of frontline security analysts workloads, experience in simplifying and automating security cloud actions and have an understanding on how best to maintain security tooling. The role will be supported by a strong security leadership team who are keen to develop our controls underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to significantly increase cloud knowledge within the department- a key focus for us as fidelity transitions to cloud environments.

Key Responsibilities

•             Ensure controls are kept up to date, analysing and utilising new features as they are released in Cloud

•             Working as part of a global engineering team to deliver high priority tickets items

•             Proactively improve our front-line teams BAU activities

•             Ensure an understanding of cloud architecture within fidelity to better support security tooling/tuning

•             Create regular workshops to obtain suggestions and demonstrate improvements

•             Ensure our security controls are integrated with each other - sharing information rather than silo’d controls

•             Working with other security teams to look at how we can use their data to enhance our own monitoring

Experience and Qualifications Required

•             Must have experience in Azure and AWS cloud environments and tooling             

•             Experience and strong understanding of frontline security operations

•             Competent in scripting languages required for automation e.g KQL, Python, Powershell etc

•             Experience managing an EDR, SIEM or SOAR platform

•             Some reporting ability, with an understanding on how to tailor reports to show capacity and efficiency improvements

•             Familiarity with how to build controls in a scalable easily maintainable way

•             In depth understanding of modern cloud security technologies

•             Understanding of how raw security data can flow between technologies and be manipulated to provide useful security information.

•             Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.

•             Banking or Finance industry related experience desirable

•             Security Engineering certifications preferred

Soft skills

• Analytical skills
• Challenge the current processes
• Passion for the cybersecurity field
• Time management
• Able to organize others

Your skills and experience

• At least 2 years of experience working as a cyber security engineer.
• Knowledge of or experience working with security (Cloud, SIEM, NetFlow, IDS/IPS, Anti-Virus)
• Experience explaining the risk of security threats and creating mitigations using frameworks
• Experience of general IT infrastructure technologies and principles.
• Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL.
• Understanding of Networking Architecture (OSI Model).
• Experience using data science or advance analytical tools to solve security incidents.
• Ability to automate tasks using scripting on both Windows and Linux systems.
• Programming experience (PowerShell, Bash, Python, JavaScript)
• Knowledge in AWS Cloud, Azure Cloud
• Knowledge in Infrastructure as Code I.e Terraform

Nice to have

• Experience dealing with security incidents using the NIST framework.
• Certifications - Security+, Network+, Cloud+, GCIA, GMON, GDSA, GCLD, GPCS, SSCP, OSCP

Feel rewarded

For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.