Cyber Operations Engineer-VP

About The Position

Requirements

• 4+ years of experience in security operations center, or similar security technical and operational role is preferred.
• University Degree.
• Intermediate knowledge in system security architecture and security solutions – IDS, Splunk, data loss prevention, next generation anti-malware, etc.
• Intermediate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.).
• Intermediate knowledge of malware operation and indicators.
• Intermediate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.).
• Intermediate knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM, DLP, Proxy, next gen anti-malware etc.).
• Intermediate knowledge of Windows and Unix or Linux.
• Intermediate knowledge of Firewall and Proxy technology.
• Intermediate knowledge of malware operation and indicators.
• Intermediate knowledge of penetration techniques.
• Advanced event analysis leveraging SIEM tools.
• Advanced incident investigation and response skill set.
• Advanced log parsing and analysis skill set.
• Advanced knowledge of ServiceNow a plus.
• Strong oral and written communication skills.
• Attention to detail.
• Strong organizational skills.
• Experience with scripting.
• Knowledge of forensic techniques.
• Integrity and the highest ethical standards.
• Rapidly assimilates complex data and information and displays a developed learning agility.
• Self-starter with the personal drive to achieve superior performance.
• Courage of convictions and the ability to respectfully debate the status quo.
• Natural curiosity and desire to always learn.

Nice To Haves

• MBA, CISSP, CISM, GCHI, CEH, CCNA, or GIAC are preferred.
• Action-oriented attitude and willingness to roll up sleeves.
• Advanced knowledge of ServiceNow a plus.

Responsibilities

• Acts as an escalation point for regional information security incidents and support the response to incidents impacting the region and/or occurring during regional business hours.
• Performs daily review of reports and alerts to identify Information Security events for further investigation while escalating exceptional events as necessary.
• Act as a mentor for more junior team members.
• Performs investigation and escalation for complex or high severity security threats or incidents.
• Ensures that all identified events are promptly validated and thoroughly investigated.
• Collaborates with technical teams to identify, resolve, and mitigate events.
• Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
• Assists with containment of threats and remediation of environment during or after an incident.
• Regularly develop new and interesting use cases for future SIEM logic.
• Participate in cyber threat hunts in support of the global cyber operations function.
• Assist with forensics investigations.
• Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures.
• Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to BlackRock.
• Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities.

Benefits

• To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.
• employees are eligible for an annual discretionary bonus, and benefits including healthcare, leave benefits, and retirement benefits.