Senior Attack Monitoring Analyst
London, United Kingdom
London Stock Exchange Group
LSEG is your trusted global financial markets infrastructure and data provider. Discover how we deliver value for our customers.ABOUT US:
LSEG (London Stock Exchange Group) is more than a diversified global financial markets infrastructure and data business. We are dedicated, open-access partners with a dedication to excellence in delivering the services our customers expect from us. With extensive experience, deep knowledge and worldwide presence across financial markets, we enable businesses and economies around the world to fund innovation, manage risk and create jobs. It’s how we’ve contributed to supporting the financial stability and growth of communities and economies globally for more than 300 years. Through a comprehensive suite of trusted financial market infrastructure services – and our open-access model – we provide the flexibility, stability and trust that enable our customers to pursue their ambitions with confidence and clarity.
LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across EMEA, North America, Latin America and Asia Pacific. We employ 25,000 people globally, more than half located in Asia Pacific. LSEG’s ticker symbol is LSEG.
Role Profile
LSEG Security Operations is a central function employing people, process and technology to continuously monitor and respond to cyber security incidents. Security Operations spans multiple domains including cyber threat intelligence, cyber threat detection, data loss prevention and cyber incident response.
Role Summary
This role is a Senior Attack Monitoring Analyst for the Global Security Operations Centre (GSOC). The role is responsible for identifying and responding to cyber security incidents and improving the defensive capabilities of the GSOC.
The ideal candidate will have a solid technical background, with a firm understanding of modern attack techniques coupled with knowledge of the typical lifecycle of an attack.
Shift
Role operates on a shift rotation. Shifts are 12:00 – 00:00 using a 4 days on, 4 days off rotation.
Responsibilities
- Triage security events and employ a methodical and coherent response to security incidents.
- Serve as a point of escalation and point of reference for junior members of the level 2 team.
- Competently operate a chosen SIEM (e.g. Splunk/QRadar/LogRhythm)for incident investigations, or for the development of monitoring dashboards.
- Utilise playbooks, existing knowledge and accurate online resources for guidance when responding to incidents.
- Utilise online resources for researching and collecting threat intelligence to enhance the SOC’s abilities to detect cyber-attacks.
- Develop new, or improve existing run books and use cases based on investigations and knowledge of modern attacks.
- Stay up to date with current vulnerabilities, attacks, and countermeasures.
- Identify, respond and remediate cyber events generated through monitoring technologies.
- Serve as a point of escalation for cyber security incident triage and investigation.
Experience
- Experience with operating or administrating a SIEM (e.g. Splunk/QRadar/LogRhythm).
- Strong working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware.
- Experience in security event analysis & triage, incident handling and root-cause identification.
- Understanding of tools, techniques and procedures that attackers use to compromise organisations, ideally from direct experience.
- Develop new, or improve existing run books and use cases based on investigations and knowledge of modern attacks.
- Experience and knowledge of cyber security in corporate environments.
- Likely will have experience working full time in incident response or offensive security roles.
- Ability to work with a sense of urgency while remaining calm under pressure.
- Strong verbal and written communication and collaboration skills.
- Security industry specific and core technical accreditations such as OSCP, GIAC, CCNA.
- Certification demonstrating SIEM operational competences.
- Competent with one or more programming languages (e.g. Python, PowerShell, Java, C#).
LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.
Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.
Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.
LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.
We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.
Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.
If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: C GIAC Incident response Java LogRhythm Malware Monitoring Offensive security OSCP PowerShell Privacy Python QRadar SIEM SOC Splunk TCP/IP Threat intelligence Vulnerabilities
Perks/benefits: Career development Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs