Senior Incident Responder (GSOC)
London, United Kingdom
London Stock Exchange Group
LSEG is your trusted global financial markets infrastructure and data provider. Discover how we deliver value for our customers.
Role Purpose
The Senior Incident Response role is part of a global Incident Response team that sits within the Global Security Operations Centre (GSOC). The role is responsible for identifying and responding to cyber security incidents and enhancing the defensive capabilities of the GSOC.
LSEG GSOC is a central function employing people, process and technology to continuously monitor and respond to cyber security incidents. Security Operations spans multiple domains including cyber threat intelligence, cyber threat detection, data loss prevention and cyber incident response.
Key responsibilities
- Serve as a focal technical lead on cyber security events and incidents.
- Provide technical, hands-on incident investigation and support and serve as a main point of contact with management.
- Conduct complex digital forensics and advanced malware analysis investigations.
- Facilitate, document and manage root cause analysis and post-incident review process, including tracking all action items and lessons learned through to implementation.
- Preserve, harvest, and analyse data from computer systems including desktops, servers (virtual/physical) and appliances.
- Handle the chain of custody for all evidence collected during incidents, security, and forensic investigations.
- Build and improve defensive capabilities using monitoring technologies including SIEM and EDR.
- Perform proactive threat hunting and threat modelling to identify cyber threats.
- Coach and mentor incident responders in the steps to take to investigate and resolve computer security incidents.
Impact
This role has impact across all parts of the business, as it is responsible for ensuring that cyber-attacks impacting LSEG are appropriately responded to. Impacts include financial, economic, regulatory, customer and brand.
The Global Security Operations Centre (GSOC), where this role sits, has responsibility for defending the entire group against cyber-attacks, parts of which are defined by different nations' governments as Critical National Infrastructure (CNI).
The role is key to addressing regulatory concerns for all our regulated entities related to cyber security and cyber resilience.
Technical / job functional knowledge
- Experience performing complex digital forensic and incident response investigations.
- Deep knowledge of common operating systems (e.g. macOS, Windows, Unix, Linux) and their associated file systems.
- Proficient with industry-standard incident response toolsets such as EnCase, X-Ways, FTK and Volatility.
- Knowledge of cloud technologies and cloud infrastructures such as AWS, GCP, Azure, O365.
- Experience with conducting log analysis across different components of a typical organisation estate (e.g. OS, network, cloud).
- Deep understanding of advanced cyber adversary tools, techniques and procedures.
- Good understanding of Security Operations Centre (SOC) practices, processes and procedures.
- Good understanding of incident response processes and procedures, including common frameworks (e.g. NIST, SANS).
- Automating and refining incident response procedures/playbooks to improve SOC efficiencies.
- Policies, standards and security frameworks, NIST, CIS.
Business and sector expertise
Must have extensive experience of working in incident response such as within SOCs, digital forensics, or equivalent roles.
Preferred experience and knowledge of cyber security in global financial services and/or regulated environments.
LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.
Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.
Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.
LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.
We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.
Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.
If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.