Senior Cyber Incident Response Analyst
FlexTrade Systems is a global leader in high-performance multi-asset execution management and order management systems for equities, fixed income, foreign exchange, futures, and options. A pioneer in the field, FlexTrade is internationally recognized for introducing FlexTRADER®, the world’s first broker-neutral, execution management trading system, which allows clients to completely control and customize their execution workflows through a comprehensive ability to search/access liquidity while maintaining the confidentiality of their trading strategies.
The Global Information Security team’s mission is to ensure FlexTrade’s and clients’ security globally and to ensure that solutions implemented by FlexTraders are secure and fulfill FlexTrade’s mission – Trade Your Best.
FlexTrade Global Information Security is looking for a Senior Incident Response Analyst who loves what they do. Reporting to the Global Cyber Security Manager, you’ll work with FlexTraders globally. The primary focus of this role is to respond to threats and incidents occurring at a global level.
- Investigate and document security incidents
- Perform security incident response and root cause analysis
- Act as first point of contact for cybersecurity incidents and be responsible for incident investigation and response activities
- Work closely with the managed security provider, vendors, information system owners or representatives and infrastructure technical staff on security incidents to perform incident handling and provide remedial actions
- Provide investigative support on incidents relating to security solutions (e.g., endpoint security solutions, data loss prevention solution, SIEM solution, web proxy, intrusion detection/prevention system and advanced threat detection systems)
- Prepare and deliver monthly and ad-hoc security incident reports.
- Review and update cybersecurity incident response plan, standard operating procedure, playbooks and supporting documents
- Respond to, triage, and investigate potential incidents across laptops, servers, network devices, and systems by assessing, mitigating, and containing identified threats and weaknesses
- Triage security incidents including unauthorised access, phishing, malware infection, etc.
- Work with the monitoring team to refine current use cases implemented on the SIEM solution to reduce/minimise false positives
- Suggest new methods, processes, and tools that the team could adopt to help us achieve our mission and improve our workflows
- Write comprehensive investigative reports including assessment-based findings, outcomes, and proposals for further system security enhancement
Skills & Experience
- A degree/diploma in a related field, such as Computer Science
- Technical background in cyber security operations – Incident Response / Incident Analysis
- Candidates with 4-5 years’ experience are preferred
- Technical security certifications, e.g. SANS, CREST, EC-Council or relevant equivalents, would be an advantage
- Hands-on technical experience with various tools used in the security stack, including but not limited to email security, IPS/IDS technologies, SIEM, EDR, proxies, etc.
- Familiarity with scripting languages, e.g. PowerShell, Python
- An inquisitive mindset and the ability to take a proactive approach to identifying gaps and problem-solving
- Ability to multitask and prioritize work effectively
- Highly motivated, self-driven and able to work both independently and within a team
- Able to work under pressure in time critical situations and occasional nights and weekend work