Technical Security Analyst

Description

Job Description
Enterprise Cyber Security is a central Information Security organization within Fidelity Investments serving the Enterprise as a whole. Enterprise IT Security Engineering provides consulting, new product review and selection, certification and detailed control design services to the Enterprise Cyber Security organization and the IT Enterprise of Fidelity.
ECS Internal Threat is seeking an experienced security analyst with operational experience responding to security incidents in a production environment with a focus on Data Loss Prevention (DLP. The successful candidate must be able to capture/document and review complex DLP requirements, implement system alerts against these requirements and performing indepth forensics upon alert review to identify data exfiltration violations, behaviors and patterns. This role will involve working closely with security engineering, architecture and incident management teams to help mitigate risk across our Fidelitys computing environment. Primary Responsibilities
Participate in Insider Threat triage and escalation oversight bringing Insider Threat incidents to complete mitigation and closure Responsible for high quality architecture, implementation and analysis of Insider Threat detection, response and remediation technologies unifying and standardizing Cybersecurity Insider Threat policies and practices across the enterprise Be instrumental in technology and policy implementation, tuning and oversight of Insider Threat processes across all insider threat technologies executed in the firm, particularly in cutting edge analytics space Engage investigative computer forensics where required, continuously enhancing Fidelitys DLP and Insider Threat detection capabilities Document and maintain insider threat alerts, procedures, analysis and investigations accurately
Education and Experience
Degree or equivalent experience in Computer Science, Engineering or related discipline 35+ years operational experience responding to security incidents in a production environment
Required Technical Skills and Knowledge
Expert skills and knowledge of cyber security threats and attacks, incident response, network and host based control technologies. Experience administering at least one enterprise endpoint or infrastructure DLP solution. Knowledge and experience with systems administration and automation with modern scripting languages and environments such as Python, Perl, PowerShell and others. Knowledge of Data Repository Architecture (EDMS, SharePoint, O365, OneDrive, etc) Knowledge of the security threat landscape, especially network and server threats Strong knowledge of TCP/IP Strong knowledge of the Windows and / or Linux operating systems Log & data analysis and reporting Knowledge of Active Directory Security and Group Policy Design
Required Behavioral Attributes
Excellent verbal and written communication skills Strong in problem solving and analytical skills Ability to work on multiple projects by prioritizing and results oriented approach Good team player with flexibility required for support operations Must be a quick learner and adapt to new tools and technology