Vice President, Cybersecurity Data Scientist

Job Information:

• Functional Title: Cybersecurity Data Scientist
• Department: IT Security, Cyber Threat Intelligence
• Corporate Level: Vice President
• Reports To: Executive Director
• Location: London, on-site 2 days per week

Job purpose:

CLS is seeking a highly motivated, self-driven Cybersecurity Data Scientist to join a global threat intelligence team. The role will be located in London, UK. The position will report to the Head of Cyber Threat Intelligence and Proactive Cyber Defense and will involve applying advanced statistical analysis, machine learning, and data engineering to identify, detect, and mitigate digital threats. The ideal candidate will be aware of industry trends and frameworks and how they could impact our business, including threat actor groups, their TTPs, intrusion activities. The candidate will work in support of the Cybersecurity Operations, Cyber Threat Intelligence, and Threat Hunting teams. This role will also be responsible for mentoring others on the team.

This position requires someone with an analytical mind, a quick learner, and the ability to create and deliver briefings, propose, and execute program initiative’s/improvements, and collaborate with a wide range of key internal and external stakeholders.

Job Description:

• Develop and implement machine learning models (i.e. anomaly detection, classification) to identify patterns indicating malicious activity, malware, or insider threats
• Clean normalize, and manage massive datasets from disparate security systems (SIEM, firewalls, endpoints) to make them usable for analysis
• Analyze historical security data and external threat intelligence to forecast potential attack vectors
• Present complex technical findings via dashboards to non-technical stakeholders
• Work with CTI analysts to produce reports for both executive and technical stakeholders and be able to brief all stakeholders.
• Develop and maintain clear documentation of activities, findings, and lessons learned
• Assess emerging threats against our operational environment and work in partnership with our security teams for detection, mitigation, and remediation efforts
• Perform trend and correlation of cyber intelligence for recommendation-based countermeasures
• Support and engage in incident response investigations
• Review other analysts work and provide mentorship and guidance

Experience:

• 5-7+ years of direct cybersecurity related data scientist experience
• 5+ years of progressive experience in information security (cyber security) field, preferable in Security Operations or Incident Response roles
• Understanding of intelligence lifecycle and risk management
• Knowledge of fundamentals of threat actors’ TTP
• Understanding of IOC validation practices and sources
• Familiarity with MITRE ATT&CK framework and mapping
• Excellent interpersonal and relationship management skills
• Individual contributor whilst also contributing to a small team
• Self-motivated with ability to work with minimal supervision

Qualifications/Certifications:

• Bachelor’s Degree in Cybersecurity studies, Intelligence Studies, International Relations, Economics, Computer Science, or related discipline
• Security certification such as SANS GIAC (or equivalent) ideally GMLE or CERT Applied Data Science for Cybersecurity Professional, or working towards certification (or equivalent), CISSP and Security+
• High proficiency in Python and SQL
• Experience with threat intelligence and SOC/CIRT interaction
• Splunk experience is highly preferred
• Experience with SIEM, EDR solutions, network monitoring tools, and other cyber security tools
• Experience with scikit-learn, tensorflow, or pytorch
• Experience with big data frameworks such as Hadoop, Spark, or Kafka
• Strong knowledge of statistics, probability, and exploratory data analysis
• Experience with threat intelligence vendors
• Ability to work on-site at least twice a week in London

Desired Skills:

• Financial sector experience