Senior Cybersecurity Analyst - Perimeter Security

Fidelity Investments•Westlake, TX

53d•Hybrid

About The Position

The Senior Cybersecurity Analyst will be working on external defense team to ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information. This role will assist and coordinate with incident response staff, threat intelligence, vulnerability management, and SOC teams during response activities and cyber investigations. This position works closely with our ISO for each Business Unit and directly with internal and external customers. The job involves performing functions related to Network and Perimeter specialized Security Engineers including Web Application Firewall, Email Security, Network and Cloud security. Looking for an energetic, hard charging individual able to keep up in an exciting and fast-moving perimeter security operations team that is engaged in several high-profile security projects to enhance Fidelity's security posture. The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.

Requirements

Perimeter and cloud security Expert with an outstanding understanding of the latest practices and trends in edge security.
Deep familiarity of foundational security principles, techniques, and standard methodologies such as authentication, authorization, logging, monitoring for baseline deviations for detecting external threat attacks.
Strong experience in Web application firewall, DDOS, Account Takeover and API Security. Solid knowledge of application & operations security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
Understanding and managing Akamai / AWS / Azure Web Application Firewall security configurations.
Good knowledge of Email Security (EOP), Email Security, Network IDS/IPS.
Advance experience on Splunk or other SIEM (Security information and event management)
Coding/scripting experience in one or more general purpose languages. Interest in automation is a plus.
5 to 7 years of security experience desired, preferably in a matrix-driven corporate environment.
Proven experience troubleshooting and simulating HTTP client requests (e.g., curl, postman, HAR file analysis).
Strong understanding of core networking concepts (e.g. - TCP/IP, DNS, HTTP, proxy, load-balancing, etc.) and Email Security.
Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies.
Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments.
Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
Functional understanding of network controls and policies to stop cyber threats.
Familiarity with criminal activities and the attacks that may occur in each layer of the OSI model.
Understanding cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest.
Bachelor's degree in computer science or Industry certifications in cyber security incident management, such as, Certified Information Systems Security Professional (CISSP), GIAC and other related credentials.

Responsibilities

Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution.
Be a technical and process subject matter expert.
Monitoring and Log Analysis Expertise - Web logs, NetFlow and Packet Analysis
Familiarity with external facing security controls that can stop external attacks that may occur such as WAF tuning, Bot management, API protection, network policy governance, troubleshooting, and incident response.
Ability to make information security risk determinations based on intelligence analysis.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume