Cyber Security Analyst

The IT / Cyber Security Analyst is a global role within the ION Markets Division. The role will support the division’s security strategy through the identification, mitigation, and remediation of information security risks to the business. This role reports to the divisional CISO. As a member of the Markets’ IT Security Team, the successful candidate will be responsible for handling escalations from the Group-wide CSIRT Team, improving the security posture, vulnerability management / reporting through to remediation, ensuring security standards are upheld as well as providing input into security control configuration and policies. The Security Analyst’s other responsibilities include meeting KPI targets defined by management and performing various other duties assigned by the divisional CISO. We are looking for a hard-working, dedicated, and motivated individual. Excellent communication skills are a must, and the role holder will be expected to cultivate working relationships with other teams and colleagues of varying technical ability. The role would suit a technically strong candidate looking to drive forward career progression within a dedicated security team. Ideally, the candidate will have come from related security and systems administration roles, focusing on workstation, server, and network technologies.

1. Protect and defend: identify, analyze, and mitigate threats to IT systems and / or networks. Use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats. Respond to security alerts to mitigate immediate and potential threats. Use mitigation, preparedness, and response and recovery approaches, as needed, to maintain information security and minimize impacts. Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and develop and / or recommend appropriate mitigation countermeasures.
2. Operate and maintain: configure, tune, maintain, and operate key security controls, technologies, and other risk mitigations. Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines. Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure. Perform threat hunting and review, triage, investigate, and escalate security alerts raised by the Group-Wide SOC team, security tools, technologies, and services (e.g., endpoint security, network security, DLP, SIEM, etc.). Assist and / or lead efforts to isolate, contain, respond to, and recover from security incidents. Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities. Configure, customize, tune, manage, troubleshoot, and maintain security technologies, such as SIEM & endpoint security, intrusion detection/prevention systems, etc. This may also include scripting, automation, and orchestration across various platforms. Define, document, and follow approved processes for all responsibilities. Create and maintain documentation for systems, including design and operation. Review systems, configurations, and processes to ensure compliance with policies, client requirements, audit controls, regulations, and industry best practices. Provide security recommendations to IT and other teams based on review results. Respond to security-related inquiries and requests.

• Degree / certifications in a technology-related field and / or relevant working experience; highly desired certifications include PenTest, Security, OSCP, CCSP, CEH, GCIH, GMON. 3 years' experience in IT Security and / or IT. Must have fundamental programming / scripting capabilities (e.g., Python, PowerShell, Bash). Must have in-depth understanding of operating systems (Windows / Linux). The following characteristics are required:
• A team player with the ability to work independently and unsupervised. Ability to own tasks and see them through to completion. Ability to manage time and prioritize work. Excellent communication skills (written and verbal). Attention to detail and quality. Problem-solving skills. Knowledge of endpoint security, network concepts, cryptography, forensic techniques, and experience with security technologies such as endpoint security, SIEM, DLP, IDS/IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc.

• We’re a diverse group of innovators providing trading and workflow automation software, data, and insights to global clients including corporations, central banks, financial institutions, and governments. We employ 13,000 people across 60 offices, serving 4,800 customers worldwide.

• In accordance with Italian Law (L.68/99), candidates from the disability list will be prioritized. Due to high application volume, only candidates meeting the criteria will be contacted. Do not apply if you lack the legal right to work in Italy or if your right is expiring or restricted. Salary range: €40,000 - €60,000 per year. J-18808-Ljbffr