Senior Analyst, Cyber Defense

Wellington Management Company, LLP
in Hong Kong, Hong Kong, Hong Kong
Permanent contract, Full-time
Last application, 05 Jul. 20

Wellington Management offers comprehensive investment management capabilities that span nearly all segments of the global capital markets. Our investment solutions, tailored to the unique return and risk objectives of institutional clients in more than 55 countries, draw on a robust body of proprietary research and a collaborative culture that encourages independent thought and healthy debate. As a private partnership, we believe our ownership structure fosters a long-term view that aligns our perspectives with those of our clients.

The Position
The Cyber Defense Team is looking for a Security Analyst to perform information security-related investigations and incident response processes. Investigations are triggered by reports, alerts, independent analysis, or intelligence received from information sharing organizations. Incident response processes may be executed based on the severity of the findings from these investigations. Our Cyber Defense Team's primary mission is to understand the normal and to continuously seek out and investigate the abnormal, looking for areas of exposure and working with business and technical teams to understand and refine processes and controls.

Detailed responsibilities include:
  • Gather and analyze data through a SIEM-like log aggregation tool, performing independent analysis to look for indications of compromise or exposure
  • Triage reports, data feeds, dashboards, and other indicators to identify anomalies that may warrant further investigation
  • Ability to understand and interpret indicators of potential threat activity
  • Work to create new detections based on a wide range of log sources
  • Interface with technical and non-technical users to conduct fact-finding interviews, gather forensic artifacts and understand business processes
  • Engage with other teams as appropriate, either as a result of incident response, to build platform-specific alerting, or to advocate for improvements to configurations or technologies
  • Provide root cause analysis and suggestions based on investigative findings to prevent recurrence
  • Provide oversight in the design and further establishment of DMZ deployments including defense in depth
  • Continue to develop and improve the Cyber Incident Response Plan
  • Stay up to date with current and relevant cyber security threats as well as any associated countermeasures
  • Participate in on-call rotation for escalated security events
Non-Technical Qualifications
  • BS degree or equivalent IT work experience
  • Strong analytical, decision-making, and investigative skills
  • Ability to self-motivate, often operating independently from co-workers
  • Ability to work with global teams effectively
  • Excellent written and verbal communication skills
  • Ability to work in a team-oriented, fast-paced environment
  • Aptitude to provide innovative solutions to problems
  • Attentive to detail and self-disciplined

Technical Qualifications
Candidates should have some familiarity with:
  • Knowledge of various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, data loss prevention, and SIEM (Splunk)
  • Breach detection / endpoint forensics tools such as Carbon Black, Mandiant
  • Strong understanding of common communication protocols, networking fundamentals and the necessary tools to analyze network activity
  • Ability to understand and interpret indicators of potential threat activity
  • Scripting experience, preferably Bash, Python, and/or PowerShell
  • Vulnerability scanners
  • Preferred: Exposure to User Behavior Analytics tools
  • Preferred: Working knowledge of Amazon AWS services
  • Preferred: Experience with Breach Attack Simulation tools

As an equal opportunity employer, Wellington Management ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, sex, sexual orientation, gender identity, gender expression, religion, creed, national origin, age, ancestry, disability (physical or mental), medical condition, citizenship, marital status, pregnancy, veteran or military status, genetic information or any other characteristic protected by applicable law. If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at .