Senior Security Operations Analyst
Apply locations: Frankfurt, London
Type: Full time | Posted: Yesterday | Job requisition id: JR2000954
About The Bullish Group
The Bullish Group has built an ecosystem focused on developing financial services for the digital assets sector through technology and investment businesses. These include:
- Bullish Exchange - digital asset trading services that utilize central limit order matching and proprietary market making technology to deliver deep liquidity and tight spreads within a compliant framework. The business is licensed by the Hong Kong Securities and Futures Commission, German Federal Financial Supervisory Authority, and the Gibraltar Financial Services Commission. Since its launch in November 2021, Bullish Exchange has surpassed US$1.3 trillion in total trading volume, with 2H 2024 average daily volume exceeding US$2 billion.
- Bullish Capital - an investment company which offers strategic capital, industry expertise, and an extensive network of resources to support initiatives that connect conventional finance with the digital economy.
- CoinDesk - an award-winning media, events, indices, and data business servicing the global crypto economy.
Reports to: Information Security Manager, Security Operations & Incident Response
Job Summary
We are seeking a Senior Security Operations Analyst to join our global security operations and incident response team. In this critical role, you will monitor and analyze security incidents, respond to threats in real-time, and ensure the integrity of our systems and platforms. Your expertise will help identify vulnerabilities and improve our security posture through proactive measures and collaboration with cross-functional teams. This position requires a keen analytical mindset, a strong understanding of security technologies, and the ability to thrive in a fast-paced environment.
Responsibilities
- Work closely with the SOC Manager to ensure Service Level Objectives are achieved.
- Monitor security alerts and incidents using SIEM tools and other security technologies.
- Create detection use cases in the SIEM, analyze security event data for threat hunting, and research latest threats and vulnerabilities.
- Respond to security incidents, perform initial analysis, and escalate as necessary.
- Participate in incident response planning and execution, ensuring timely containment and remediation.
- Research and analyze emerging threats and vulnerabilities.
- Document incidents, identify gaps, and recommend improvements; develop and maintain incident response plans and SOPs.
- Prepare detailed reports for stakeholders on security incidents and trends.
- Collaborate with technical teams to ensure system and data security.
- Participate in on-call rotation for after-hours incident response, containment, and forensic investigations.
Qualifications
- Deep, hands-on experience with Linux OS, including system administration, security hardening, and incident response.
- Certifications such as CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User, or similar are preferred.
- Experience in Security Operations and Incident Response.
- Experience with SIEM technologies like Splunk and Google Chronicle.
- Proactive and reactive threat hunting experience using frameworks like MITRE ATT&CK.
- Knowledge of security tools such as IDS/IPS, WAF, EDR, etc.
- Strong understanding of networking, operating systems, and cybersecurity concepts.
- Bachelor's degree in Cyber Security, Computer Science, or a related field, or equivalent experience.
- Experience with forensic tools and malware analysis is a plus.
- Cloud environment experience (AWS, GCP, Azure) is a plus.
- Ability to work across regions in a process-driven organization.
- Excellent communication and presentation skills.
Note
Bullish is proud to be an equal opportunity employer. We value diversity and strive to create an inclusive environment for all employees.