The Role:
The IT Security Analyst is a global role within the ION Analytics Division. The role will support the division’s security strategy through the identification, mitigation and remediation of information security risks to the business. This role reports to the divisional CISO.
As a member of the Analytics’ IT Security Team, the successful candidate will be responsible for handling escalations from the Group-wide CSIRT Team, improving the security posture, vulnerability management/reporting through to remediation, ensuring security standards are upheld as well as providing input in to security control configuration and policies. The Security Analyst’s other responsibilities include meeting KPI targets defined by management and performing various other duties assigned by the divisional CISO.
We are looking for a hard-working, dedicated and motivated individual. Excellent communication skills are a must and the role holder will be expected to cultivate working relationships with other teams and colleagues of varying technical ability. The role would suit a technically strong candidate looking to drive forward career progression within a dedicated security team. Ideally the candidate will have come from related security and systems administration roles, focusing on workstation, server and network technologies.
Key Responsibilities
- This role may require some overnight, weekend and on-call activities.
- Protect and defend: identify, analyze and mitigate threats to IT systems and/or networks.
- Use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
- Respond to security alerts to mitigate immediate and potential threats. Use mitigation, preparedness, and response and recovery approaches, as needed, to maintain information security and minimize impacts.
- Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures.
- Operate and maintain: configure, tune, maintain and operate key security controls, technologies, and other risk mitigations
- As a member of the Security team, it is expected that the person in this role will:
- Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
- Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
- Perform threat hunting and review, triage, investigate and escalate security alerts raised by the Group-Wide SOC team, security tools, technologies, and services (e.g. endpoint security, network security, DLP, SIEM, etc.)
- Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents
- Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
- Configure, customize, tune, manage, troubleshoot, and maintain to ensure effective and efficient operation of security technologies, such as SIEM & endpoint security, intrusion detection/prevention systems, etc. This may also include scripting, automation, and orchestration across various platforms.
- Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation.
- Review systems, configurations, and process to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best practice security recommendations to IT and other teams within ION, based on review results.
- Respond to information security-related inquiries and requests.
The primary responsibilities of this role are to:
Required Skills, Experience and Qualifications
- Degree/diploma/certifications in a technology-related field and/or relevant working experience; highly desired certifications include:
- PenTest+, Security+, OSCP, CCSP, CEH, GCIH, GMON
- 3+ years' experience in IT Security and/or IT
- Must have fundamental programming/scripting capabilities (e.g. python, powershell, bash, etc.)
- Must have in-depth understanding of operating systems (Windows/Linux)
- A team player with the ability to work independently and unsupervised
- Ability to own delegated tasks and see them through to completion
- Ability to manage time and prioritize work to maximize productivity
- Excellent communication skills (both written and verbal)
- Exceptional attention to detail and quality
- Excellent problem-solving techniques and trouble analysis skills
- Endpoint security concepts, controls, and best practices for Servers (e.g. Windows and Linux)
- General IT networking concepts, protocols, standards and network security concepts, controls, and best practices
- Cryptography fundamentals and data security controls and best practices
- Forensic investigation techniques
- Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc.
The following general characteristics are required:
The candidate should have a good knowledge of:
About us
We’re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.
• Over 2,000 of the world’s leading corporations, including 50% of the Fortune 500 and 30% of the world’s central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.
• Over 800 of the world’s leading banks and broker-dealers use our electronic trading platforms to operate the world’s financial market infrastructure.
ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe,
Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.
ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.
ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.
Top Skills
What We Do
Serving Luxembourg's IT needs since 2002, ION Group has focused its activities on 3 pillars:
ION Home: IT services for home users.
- Computer repair and maintenance
- Network Setup
- Internet Setup
- Email and Hosting Services
ION Pro: Maintenance for small and medium businesses
- Server maintenance and setup
- Network configuration and security
- Workstation
- Server and services hosting and housing
ION Development
- Website design and development
- Custom application development (Web, Mobile, iOS, Android)
- OpenSource software modifications