Chief Information Security Officer - Cyber Security Analyst, Triage - Singapore
Location: Singapore
Business Area: Engineering and CTO
Ref: 10039246
Description & Requirements
We protect Bloomberg.
There's no such thing as a "safe system" - only safer systems. Our security teams work to build and maintain the safest operating environment for Bloomberg’s users. The security analysts within the Cyber Security Operations Center are the main defenders of the company. The Cyber Security Analyst - Triage's function, within the CSOC, is considered to be a key pillar in Bloomberg’s security, as they are the initial responders to security events. Are you a motivated technical professional, who has a passion towards cyber security? And are accomplished in a systems- or applications-support role, or already have cyber security experience? In this security role, Bloomberg will provide you the opportunity to apply your current skills, while you rapidly develop new ones that are required in the cyber security field.
The Bloomberg CSOC is responsible for the detection of cyber threats, and when detected, responsible for the rapid response, across both the diverse lines of business and the global network. The CSOC is an open and collaborative environment, where members work together to identify and address the latest cyber security threats facing the company. The CSOC is staffed 24 x 7 x 365, with varying shifts, and multiple tiers of support, ranging from first response teams to the Computer Incident Response Team. Furthermore, there is opportunity to work with these more experienced members on some of the latest cyber security defense technologies.
In this role, we'll trust you to:
- Work within a dedicated shift, 8AM – 6PM, Wednesday through Sunday, to support the 24x7x365 Cyber Security Operations Center (some holiday coverage may be required)
- Demonstrate passion and good judgement as a network defender
- Identify, and act as the initial responder, to all security events
- Learn and understand the broader security of Bloomberg’s environment
- Monitor for events that match predefined criteria, and respond accordingly to standard operating procedures, as well as use good judgement for matters where a procedure doesn’t exist
- Bring to closure a significant majority of events without the involvement of other teams
- Share robust case notes when raising issues in order to help the next team member
- Remain up-to-date with cyber security threats and trends
- Deliver on relevant cyber security metrics and measurements for the role and area of responsibility
- Collaborate directly with colleagues across the firm to resolve security matters while furthering the program’s brand with a constructive and thoughtful approach
- Respond to varying seniority levels of employees and contractors throughout Bloomberg to address cyber security concerns
- Ensure appropriate coverage for the assigned shift and provide ample awareness to changes to commitments
- Produce and maintain documentation and standard operating procedures
- Generate ideas for continued improvement, including conceptual design of new threat scenarios
You'll need to have:
- A diploma or a degree in cyber security or a related technical field
- Minimum 1+ years of experience in a cyber security related role (e.g., Cyber Security Operations Center)
- Experience dealing with non-physical Security Operations, Incident Analysis, and/or Network and Host Log Analysis
- Deep understanding in logs from a variety of sources, their log events, and Splunk
- Knowledge of enterprise network and host security controls
- Ability to be autonomous but proactive in reaching out for support
- Good familiarity with operating systems (Windows, Linux and MAC)
- Deep understanding of cyber security trends and potential threats
- Knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs and enterprise antivirus products
- Good communication and interpersonal skills and the ability to take initiative
- Dedication to role and ability to collaborate with team members
We'd love to see:
- Knowledge of AWS, Azure, and GCP cloud platforms
- Previous experience working with a Security Information and Event Management (SIEM) platform
- Certifications in the information security space (CompTIA Security+, SSCP, CEH)
- Familiarity with programming / scripting
If this sounds like you:
Apply! If we think you are a good match we'll get in touch to let you know the next steps.