Schonfeld
Schonfeld is hiring: Senior Cybersecurity Analyst in New York
Schonfeld, New York, NY, United States
Senior Cybersecurity Analyst
The Role
The Schonfeld Cybersecurity Operations Team is looking for individuals who are excited by the idea of finding threats in ways no other defense mechanism can, eradicating threats, and building new intelligence to prevent future attacks from succeeding. This Senior Cybersecurity Analyst will be responsible for improving the overall security posture of the organization and producing intelligence about adversaries and attacks that could impact Schonfeld.
The analyst must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate networks and systems. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business.
What you'll do
Respond to and investigate cybersecurity incidents, which may be off-hours and on a scheduled rotation.
Review and approve configurations for network components such as firewalls, IDS/IPS, VPN gateways, load balancers, WAFs, SSL certificates, and more.
Stay abreast of the latest security trends, vulnerabilities, and industry best practices to proactively enhance Schonfeld's security posture.
Conduct vulnerability assessments, penetration tests, and audits to identify and mitigate security risks and gaps.
Engage in Threat Hunting exercises and drive improvements in security posture and the development of new detection mechanisms.
Evaluate and implement deception techniques designed to thwart adversaries.
Continuously scope and maintain inventory of Schonfeld's Attack Surface.
Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats, especially those posing risk to cloud computing environments.
Collaborate with other IT and security teams to provide technical guidance and support in resolving security issues and implementation of configuration best practices
Assist with any investigations from various internal stakeholders such as Human Capital Management, Compliance, etc.
Assess and continuously improve security technology stack, process and procedures, support model, and cross-function interactions utilizing automation where possible without negatively impacting business innovation.
Perform other duties as assigned.
What you'll bring
What you need: At least 5-7 years of experience in a Security Operations/Analyst role.
Experience in cloud technologies and subcomponents as it relates to SaaS, IaaS, and PaaS, as well as public, private, and hybrid.
Ability to effectively communicate business risk as it relates to information security.
Knowledge of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&ACK framework, CVSS, open-source intelligence (OSINT), and deception techniques.
Demonstrated experience conducting tabletop exercises and adversary emulation.
Previous participation in vulnerability and penetration testing engagements.
Experience managing and analyzing logs for various networking technologies such as Firewalls, Network Switches/Routers, DNS Servers, WAFs, ZTNA, etc.
Experience with multiple computing platforms, including Windows, OSX, Linux, Unix, networks and endpoints.
Demonstrated ability to remain current with the evolving threat landscape (especially those targeting the financial sector).
Experience with various detection & response technologies (ie. Honeypots, SIEM/XDR, and EDR).
Familiarity with common change and project management frameworks (ie. ITIL).
Leverage critical thinking skills to facilitate informed and secure decisions.
Ability to work calmly under pressure and with tight deadlines.
Strong communication (written and verbal).
We'd love it if you had: Experience in incident handling, intelligence gathering, and kill chain methodology Prior threat hunting experience.
Digital Forensics Windows & Linux (i.e., Filesystem/Memory Analysis).
Hands-on experience utilizing common penetration techniques and tools.
An understanding of attack surface management tools, including their capabilities and limitations.
Prior experience conducting social engineering campaigns: email phishing, phone calls, text phishing.
One or more scripting languages (e., Python, PowerShell, JavaScript, and Bash).
Prior web application assessment experience.
Who we are Schonfeld Strategic Advisors is a global multi-strategy, multi-manager investment platform that harnesses the transformative power of people to perform in all market environments. Our dynamic culture inspires better outcomes for our team, our investors, and our partners. We aim to consistently deliver risk-adjusted returns, with people driving performance.
We specialize in four core strategies: Quantitative Trading, Fundamental Equity, Tactical Trading, and Discretionary Macro & Fixed Income. We capitalize on inefficiencies and opportunities within the markets, drawing from a significant investment in proprietary technology, infrastructure, and risk analytics.
We invest through internal portfolio managers and external partner funds, pursuing alignment among investors, investment professionals, and the firm. Our footprint spans 7 countries and 19 offices.
Our Culture Talent is our strategy. We believe our success is because of our people, so putting our talent above all else is our top priority. We are teamwork-oriented, and collaborative and encourage ideas-at all levels-to be shared. As an organization committed to investing in our people, we provide learning & educational offerings and opportunities to make an impact.
We foster a sense of belonging among all of our employees with Diversity, Equity, and Inclusion at the forefront of this mission. Our employees value diversity across identity, thought, people, and perspective which serves as the foundation of our culture. As a firm, we are committed to creating a hiring process that is fair, welcoming, and supportive.
The base pay for this role is expected to be between $100,000 and $130,000. The expected base pay range is based on information at the time this post was generated. This role may also be eligible for other forms of compensation such as a performance bonus and a competitive benefits package. Actual compensation for the successful candidate will be determined based on a variety of factors such as skills, qualifications, and experience.