This job has expired

Senior Systems Analyst - Cyber Defense

Employer
Wellington Management Company, LLP
Location
Singapore, Singapore
Salary
Competitive
Closing date
May 23, 2022

Job Function
Other
Industry Sector
Finance - General
Employment Type
Full Time
Education
Bachelors
WELLINGTON MANAGEMENT

Wellington Management offers comprehensive investment management capabilities that span nearly all segments of the global capital markets. Our investment solutions, tailored to the unique return and risk objectives of institutional clients in more than 60 countries, draw on a robust body of proprietary research and a collaborative culture that encourages independent thought and healthy debate. As a private partnership, we believe our ownership structure fosters a long-term view that aligns our perspectives with those of our clients.

We are transitioning to a hybrid work environment where both remote work and the office play a critical role. Our vision is a future where all employees are empowered to work flexibly to drive the best outcomes for our clients. Flexible work is a mindset and a core value. Our employees are encouraged to work remotely two days a week as a standard practice and will have flexibility in terms of working hours.

As an APAC team, we are looking for candidates in either Singapore or Sydney.

Position
The Cyber Defense Team is looking for a Senior Analyst to perform information security-related investigations and incident response processes. The analyst will also have a role in proactively identifying vulnerabilities in systems, triaging those that are being actively exploited, and working to test our controls and detections using breach attack tools. Our Cyber Defense Team's primary mission is to understand the normal and to continuously seek out and investigate the abnormal, looking for areas of exposure and working with business and technical teams to understand and refine processes and controls.

Detailed responsibilities include:
  • Gather and analyze data through a SIEM-like log aggregation tool, performing independent analysis to look for indications of compromise or exposure
  • Triage reports, data feeds, dashboards, and other indicators to identify anomalies that may warrant further investigation
  • Review weekly vulnerability scan metrics and collaborate with the appropriate teams to provide technical guidance on remediation or mitigation plans based on findings from assessment tools
  • Work to create new detections based on a wide range of log sources
  • Interface with technical and non-technical users to conduct fact-finding interviews, gather forensic artifacts and understand business processes
  • Engage with other teams as appropriate, either as a result of incident response, to build platform-specific alerting, or to advocate for improvements to configurations or technologies
  • Provide root cause analysis and suggestions based on investigative findings to prevent reoccurrence
  • Provide oversight in the design and further establishment of DMZ deployments including defense in depth
  • Continue to develop and improve the Cyber Incident Response Plan
  • Stay up to date with current and relevant cyber security threats as well as any associated countermeasures
  • Participate in on-call rotation for escalated security events
Non-technical Qualifications
  • MSc or BS degree or equivalent 5-10 years of work experience in cyber security space
  • Strong analytical, decision-making, and investigative skills
  • Ability to self-motivate, often operating independently from co-workers
  • Ability to work with global teams effectively, with minimum daily supervision
  • Excellent written and verbal communication skills
  • Ability to work in a team-oriented, fast-paced environment
  • Strong intellectual curiosity, aptitude to provide innovative solutions to problems
  • Attentive to detail and self-disciplined
Technical Qualifications
Candidates should have some familiarity with:
  • Strong technical skills with Splunk and similar SIEM solutions
  • Knowledge of various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, and data loss prevention
  • Previous experience assessing, documenting, and communicating information security risk, particularly related to cyber vulnerabilities, is preferred
  • Ability to automate various security tasks and workflows using Python/Bash/PowerShell
  • Breach detection / endpoint forensics tools such as Carbon Black, Mandiant, ATP Defender
  • Strong ability to understand and interpret indicators of potential threat activity
  • Experience with Vulnerability Scanning tools (such as Qualys, Rapid7, Tenable, etc.)
  • Preferred: Exposure to User Behavior Analytics tools
  • Preferred: Working knowledge of Public Cloud: AWS/Azure
  • Preferred: Experience with Breach Attack Simulation tools (AttackIQ, Mandiant Security Validation, etc.)
  • Desired certification: SANS (GCIH, GNFA, GPEN, GCFA...), OSCP, CISSP, AWS Security Specialty, Azure Security Engineer, CCNP Security, PCNSE or similar.
Not sure you meet 100% of our qualifications? That's ok. If you believe that you could excel in this role, we encourage you to apply and welcome a chance to review your background. We are dedicated to building and maintaining a diversified workforce and considering a broad array of candidates with a variety of skills, workplace experiences, and backgrounds.

As an equal opportunity employer, Wellington Management ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, sex, sexual orientation, gender identity, gender expression, religion, creed, national origin, age, ancestry, disability (physical or mental), medical condition, citizenship, marital status, pregnancy, veteran or military status, genetic information or any other characteristic protected by applicable law. If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at GMCANINQ@wellington.com.