CME Group Cyber Defence Analyst - Incident Responder in Belfast, United Kingdom
Where Futures Are Made - CME Group is the world’s leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small.
With 2,500 employees located around the world, we’re small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic and the work is unlike any other firm in the business.
Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.
The Cyber Defense Incident Responder position will be responsible for incident response operations of CME Group, supporting global incident response activities. The candidate needs a firm understanding of all aspects of IT Security including current threats and vulnerabilities in the industry in order to effectively identify, contain and remediate incidents facing CME Group. The candidate will also support the maintenance of the Incident Management program helping to ensure that the Incident Response (IR) plan is kept up to date in conjunction with keeping the associated IR application current. The candidate will participate in the coordination of changes to the IR application with the development team.
Respond to cyber security incidents by collecting, analyzing and preserving digital evidence Participate and assist in responding to global security incidents Provide a point of escalation for incidents within various business units. Ability to manage multiple incidents at a single time. This position will monitor incidents submitted and establishing correlation to broader threats when they may exist. Analyze and respond to unauthorized activity within the global computing environment while managing the identification, containment, eradication, recovery and lessons learned / root cause analysis documentation. Contribute to Incident Response process definition and the development and maintenance of documented procedures and techniques, including process integration with any 3rd party vendors, internal IT organizations, etc. Participates in efforts to drive Incident Response application updates necessary to collect various key metrics for reporting to senior management. Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks Communicate effectively with representatives of the business, technology specialists, and vendors Gather forensic evidence for analysis, investigation, disciplinary action or criminal investigation. Performs other duties as requested
MINIMUM REQUIREMENTS: KNOWLEDGE, SKILLS AND ABILITIES
The candidate that fulfills this role will be expected to have process documentation experience and excellent intra-business relationship experience. This role interacts with all levels of the organization, particularly within the IT organization and is viewed as a subject matter expert in IR. Strong investigation and analytical skills. Strong understanding of Windows, Unix/Linux operating systems, security administration, network security weaknesses, vulnerabilities and remediation, TCP/IP networking and firewall concepts. Strong familiarity with security issues surrounding network computing and experience in implementation of security systems and controls. Must have a thorough knowledge of information security components, principles, practices, and procedures Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership. Knowledge of security auditing processes. Formal training or proportionate work experience in security tools (scanners, Intrusion Detection Systems, and security analysis tools both on the network and on host based systems). Expert knowledge of information security issues, trends and leading practices. A holistic understanding of attack vectors, current threats, and remediation strategies is essential for this role. Experience with computer forensics concepts and procedures, investigations, collections, evidence handling, analyzing and preserving digital evidence and live response techniques. Comfortable working in a dynamic environment with multiple goals. High level critical thinking and strategic planning skills. Excellent written and verbal communications, effective interpersonal skills, strong formal presentation abilities and good leadership skills. Have a thorough understanding of the common and uncommon threats and vulnerabilities related to applications, architectures and databases, thin clients, thick clients, mobile and virtualized applications. Must have good knowledge of general IT architecture infrastructure, web application, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development. Have a firm understanding of outside security threats and risks to an information technology infrastructure and use those skills to develop custom incident response protocols as deemed necessary.
Bachelor’s degree from a four year accredited college/university or equivalent
Experience in information security related positions, preferably in Incident Management, event analysis, penetration testing.
Prior experience in security development and implementation of tools is desirable
Preferred Certifications: One or more of the following certification designations is preferred
GIAC Certified Incident Handler - GCIH
GIAC Certified Intrusion Analyst – GCIA
GIAC Certified Forensic Examiner - GCFE
GIAC Certified Forensic Analyst - GCFA
Certified Information Systems Security Professional - CISSP
Please note this role will require you to work weekends.