Senior Attack Monitoring Analyst (GSOC)

LSEG LSEG is your trusted global financial markets infrastructure and data provider. Discover how we deliver value for our customers. LSEG (London Stock Exchange Group) is more than a diversified global financial markets infrastructure and data business. We are dedicated, open-access partners with a dedication to excellence in delivering the services our customers expect from us. With extensive experience, deep knowledge and worldwide presence across financial markets, we enable businesses and economies around the world to fund innovation, manage risk and create jobs. It’s how we’ve contributed to supporting the financial stability and growth of communities and economies globally for more than 300 years. Role Profile LSEG Security Operations is a central function employing people, process and technology to continuously monitor and respond to cyber security incidents. Security Operations spans multiple domains including cyber threat intelligence, cyber threat detection, data loss prevention and cyber incident response. Role Summary This role is a Senior Attack Monitoring Analyst for the Global Security Operations Centre (GSOC). The role is responsible for identifying and responding to cyber security incidents and improving the defensive capabilities of the GSOC. Responsibilities Triage security events and employ a methodical and coherent response to security incidents. Serve as a point of escalation and point of reference for junior members of the level 2 team. Competently operate a chosen SIEM (e.g., Splunk/QRadar/LogRhythm) for incident investigations, or for the development of monitoring dashboards. Utilise playbooks, existing knowledge and accurate online resources for guidance when responding to incidents. Utilise online resources for researching and collecting threat intelligence to enhance the SOC’s abilities to detect cyber-attacks. Develop new, or improve existing run books and use cases based on investigations and knowledge of modern attacks. Stay up to date with current vulnerabilities, attacks, and countermeasures. Identify, respond and remediate cyber events generated through monitoring technologies. Serve as a point of escalation for cyber security incident triage and investigation. Experience Experience with operating or administrating a SIEM (e.g. Splunk/QRadar/LogRhythm). Strong working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware. Experience in security event analysis & triage, incident handling and root-cause identification. Understanding of tools, techniques and procedures that attackers use to compromise organisations, ideally from direct experience. Experience and knowledge of cyber security in corporate environments. Likely will have experience working full time in incident response or offensive security roles. Ability to work with a sense of urgency while remaining calm under pressure. Strong verbal and written communication and collaboration skills. Security industry specific and core technical accreditations such as OSCP, GIAC, CCNA. Competent with one or more programming languages (e.g. Python, PowerShell, Java, C#). LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth. Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice. #J-18808-Ljbffr