Position Overview:
Seeking a Security Analyst to join our Security Operations Center (SOC), focusing on incident response and threat detection. This role involves working with enterprise SIEM platforms, EDR solutions, and incident management tools to protect IBKR's global trading infrastructure.
Key Responsibilities:
- Triage and investigate security alerts using SIEM/EDR tools
- Execute incident response playbooks
- Perform malware analysis and IOC identification
- Create incident tickets and maintain documentation
- Conduct initial forensic data collection
- Support security event correlation and analysis
- Monitor suspicious endpoint activities
- Participate in 24x7 incident response coverage
Required Technical Skills:
- Experience with SIEM (Splunk/QRadar)
- EDR platforms (CrowdStrike/Carbon Black)
- Incident ticketing systems (ServiceNow/JIRA)
- Windows/Linux log analysis
- Network traffic analysis
- Malware detection tools
- IOC collection and analysis
- Basic forensic tools
Required Experience:
- 2-3 years of SOC/IR experience
- L1/L2 alert analysis background
- Experience with incident playbooks
- Exposure to MITRE ATT&CK framework
- Understanding of kill chain methodology
- Basic threat intelligence usage
Technical Environment:
- SIEM platforms
- EDR solutions
- TIP platforms
- Forensic tools
- Network monitoring tools
- Vulnerability scanners
- Incident management systems
Work Requirements:
- Rotating shifts (24x7 SOC)
- Incident response handling
- Alert triage and escalation
- Documentation and reporting
- Team collaboration
Growth Path:
- Advanced IR certification support
- Threat hunting training
- Digital forensics exposure
- Technical skill development
- Senior analyst progression