Lead SOC Analyst
Culpeper, VA - USA
Job Summary
ABOUT US
Were the worlds leading provider of secure financial messaging services headquartered in Belgium. We are the way the world moves value across borders through cities and overseas. No other organisation can address the scale precision pace and trust that this demands and were proud to support the global economy.
Were unique too. We were established to find a better way for the global financial community to move value a reliable safe and secure approach that the community can trust completely. Were always striving to be better and are constantly evolving in an ever-changing landscape without undermining that trust. Five decades on our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently test exhaustively then implement a connected and exciting era our mission has never been more relevant. Swift now has a presence in 200 countries and legal territories to serve a community of more than 12000 banks and financial institutions.
The Cyber Fusion Centre (CFC) is looking for a Lead SOC (Security Operations Center) Analyst to join us. This team is responsible for the prevention of Cyber Security incidents by monitoring detection and response to potential intrusions in real time within the Swift network.
As a Lead SOC Analyst you will provide input to security strategy and control of systems networks physical infrastructure people and information. You will participate in the design communication and execution of policies/controls/procedures as appropriate for Swift and its customers and as consistent with the company objectives company reputation and regulatory this role you will act as an operational mentor coaching junior members within the team.
**Swift is unable to sponsor an employment authorization for this position now or in the future.
What to Expect:
You will:
- Lead the creation and operationalization of a formalized Threat Hunting program within the SOC
- Participate in a 24x7 SOC; occasional shift work is required for this position. Shift work typically includes one week per month Monday - Sunday 11 AM - 7 PM and occasional holiday work; all other hours are standard working hours.
- Provide expertise & guidance to less senior team members
- Support Incident Response (IR) and Threat Detection development activities and report to Senior Management ensuring proper awareness and ownership
- Support the introduction and implementation of new capabilities and IR processes and procedures within the Cyber Fusion Centre
- Interact closely with Swifts Red Team to further enhance detection capabilities
- Lead and participate in IR simulation exercises from a blue team perspective
- Perform proper triage identification and scoping of incidents including identification investigation and follow-up of containment actions
- Participate in the identification development and communication of IOCs
- Participate in the identification and coordination of eradication and remediation actions with various stakeholders and ensure timely follow-up.
- Enhance and tune tools for efficiently managing large collections of security events
- Stay abreast of changing technologies emerging cyber threats and attack methodologies
What will make you successful:
Technical Qualifications
- Bachelors degree in Computer Science IT or related field
- 8 years of related working experience in a SOC Incident Response or Threat Hunting role
- Experience performing or leading threat hunting activities
- Experience with cloud technologies such as Azure Google Cloud or AWS
- Experience with security tools such as SIEM IDS/IPS EDR/XDR SOAR etc.
- Ability to learn in a fast-paced multi-dimensional technical environment
- Strong verbal and written communication and the ability to concisely and accurately document technical investigations
Preferred Technical Qualifications:
- Familiarity with Scripting languages such as PHP Perl or Python and databases such as MySQL and knowledge of Unix and Windows.
- Security certifications such as GIAC GCIA/GCIH CISSP or other relevant certifications
- Knowledge of penetration testing and vulnerability assessment capabilities and tools
The estimated salary range for a new hire in this position in Virginia is $121564.00 USD Annual MINIMUM to $225762.00 USD Annual MAXIMUM. Salary may vary depending on job-related factors which may include knowledge skills experience and location. Our compensation packages include a competitive base salary and bonus opportunity for all employees contingent on personal and company performance. Our generous benefits program includes medical dental vision and life insurance with no premium costs for our employees and their families and retirement plan plus matching 401k.
What we offer
We give you the freedom to be yourself. We are creating an environment of unique individuals like you with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyones voice counts and where you can reach your full potential.
We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview please contact or indicate this in your application.
Please note that this mailbox is not monitored for general recruitment enquiries and should only be used for accessibility or accommodation-related requests (for example related to vision hearing or neurodiversity).
All requests are confidential and will not affect your candidacy.
Dont meet every single requirement At Swift we are dedicated to building a workplace where people can bring their full selves and ideas to the team so if you are excited about this role we encourage you to apply even if you do not meet every single qualification.
Required Experience:
IC
About Company
SWIFT is a global member-owned cooperative and the world’s leading provider of secure financial messaging services. We provide our community with a platform for messaging and standards for communicating, and we offer products and services to facilitate access and integration, identifi ... View more