[c. $300-350k Comp Package | Remote Working - must be located in Tri-State Area in case of urgent on-site meetings]
Our client, a leading provider of electronic trading platforms for fixed income securities and derivatives, is seeking a seasoned Security Operations Lead (reporting to the Global SecOps Manager) to spearhead the evolution of their Security Operations programme into a hybrid model. The ideal candidate will combine hands-on technical expertise with a demonstrable history of managing advanced incident response teams. This position presents a unique opportunity to collaborate with subject matter experts across multiple functions, including cyber security, infrastructure, data analytics, application development, and business units.
Key Responsibilities:
- Provide strategic guidance and technical leadership to develop and implement the hybrid security operations roadmap
- Champion the adoption of security automation to bolster key cyber security initiatives
- Offer malware reverse engineering expertise to AppSec, Operations, and IR teams
- Serve as an incident commander to orchestrate and execute the incident response process
- Partner with Cyber Engineering and Resiliency teams to identify and mitigate relevant security threats
- Oversee relationships with external MSSPs and security vendors
- Coach and mentor engineers in incident response, threat hunting, and security automation
- Forge internal partnerships with key stakeholders across Compliance, Infrastructure, and Risk
- Deliver metrics, KPIs, and KRIs, and provide regular updates to senior management
Key Requirements:
- 8+ years in information security, with 5+ years dedicated to security operations, incident response, or cyber threat investigations (experience within a financial services environment is preferred)
- Extensive experience with Windows and Unix environments, with an emphasis on disk and memory forensic analysis
- Familiarity with disassemblers, debuggers, and other malware reverse engineering tools
- Verified history of producing actionable results as a threat hunter in a highly regulated setting
- Proven track record of leading and advancing security teams with a strong technical emphasis
- Deep understanding of SIEM platforms such as Splunk, ELK, or QRadar
- Capability to translate and operationalise technical, legal, and compliance requirements in a regulated environment
- Articulate and concise communicator, able to convey risk and impact to a broad spectrum of audiences
- Comprehensive knowledge of network security architecture, internet protocols, and web service technologies
- (Desired) CISSP, CISM, or comparable qualifications