Principal Cybersecurity Analyst

Fidelity InvestmentsDurham, NC
Onsite

About The Position

Performs functions related to Network and Perimeter specialized Security Engineers including Email Security, DNS, Distributed Denial of Service (DDoS), IDS/IPS and cloud security. Understands cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest. Builds Email Security, Email and Web Advance Threat Protection, DNS, DDoS, IDS/IPS and cloud security. Stops external attacks to firm systems using endpoint controls includes firewall, antivirus, and host-based intrusion systems. Manages Intrusion Prevention System (IPS), Advance Threat Protection (ATP), Cloud Security and Email Security operational functions.

Requirements

  • Bachelor’s degree in Computer Science, Engineering, Information Technology, Information Systems, or a closely related field (or foreign education equivalent) and five (5) years of experience as a Principal Cybersecurity Analyst (or closely related occupation) designing and implementing perimeter security defense solutions to protect enterprise networks from external threats, unauthorized access, and DDoS attacks, in on premises and Cloud environments.
  • Master’s degree in Computer Science, Engineering, Information Technology, Information Systems, or a closely related field (or foreign education equivalent) and three (3) years of experience as a Principal Cybersecurity Analyst (or closely related occupation) designing and implementing perimeter security defense solutions to protect enterprise networks from external threats, unauthorized access, and DDoS attacks, in on premises and Cloud environments.
  • Demonstrated Expertise (“DE”) designing enterprise networks requiring security using secure routing protocols (RIPv2 and OSPF), encryption protocols (IPSec and SSL or TSL), and robust firewalls and access control implementation.
  • DE performing manual and penetration testing, using Nmap, Dirbuster, and Metasploit to secure enterprise network from unauthorized access; and performing automated penetration testing using Nessus, Qualys, and Burpsuite to identify vulnerabilities, analyze traffic, and validate security controls.
  • DE maintaining security systems (Cisco ASA, Juniper SRX, or Check Point Firewalls), intrusion detection and prevention systems, force point proxy servers, and log management tools (Spunk, Qradar, and Sevone) to monitor and troubleshoot network traffic.
  • DE engaging in incident handling -- threat discovery, triage, containment, recovery, and remediation plan coordination -- using Splunk, Wireshark, Crowdstrike, Sentinelone, and Servicenow to ensure rapid response and resolution.

Responsibilities

  • Makes information security risk determinations based on intelligence analysis.
  • Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
  • Monitors current reports of computer viruses to determine when to update virus protection systems.
  • Encrypts data transmissions and erects firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
  • Performs risk assessments and executes tests of data processing systems to ensure functions of data processing activities and security measures.
  • Modifies computer security files to incorporate new software, correct errors, or change individual access status.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service