Principal Cyber Security Analyst

Bridgewater Associates
in Wilton, CT, United States
Permanent, Full time
Principal Cyber Security Analyst
Bridgewater Associates is focused on having the deepest possible understanding of financial markets and the global economy. We translate that understanding into great portfolios and strategic partnerships with institutional clients, where we've built a distinct track record of success. We've done this for more than 40 years by having great people operate in a culture of radical truth and radical transparency. Today, we manage about $160 billion for approximately 350 of the world's largest and most sophisticated institutional clients, including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.

Security Department Overview:

Our group is responsible for protecting Bridgewater's people, culture, and ideas, and specifically its investment engine. We continue to build out an enterprise-wide cyber operations team, using current technologies and automation to monitor and contain evolving threats. Together with our incident response capability, top-tier staff, and strong physical security practices, we're committed to becoming the most innovative and capable security team of our kind.

Position Summary:

The Principal Cyber Security Analyst is Bridgewater's highest tier in the Cyber Operations mission. They possess broad vision and a deep understanding of cyber security tradecraft. With highly advanced cyber security expertise, they lead the identification and remediation of anomalous behavior on the Bridgewater network. As a shaper of the Security Operations Center, they develop innovative solutions to track and defend against sophisticated adversaries.

Successful applicants must possess:
  • Superior technical knowledge of adversary tactics, techniques, and procedures
  • Advanced analytical development experience that can be applied to adversarial detection
  • Demonstrated skill in analyzing, correlating, and interpreting complex events and anomalies to discover indicators of compromise (IOCs)
  • Experience in commanding cyber security incident response (IR) actions
  • Excellent communication skills that promote a collaborative environment among other industry experts and junior analysts, inspiring a growth mindset

Responsibilities:

  • Monitor and investigate internal and external cyber threats, leveraging best of breed technologies, through constant engagement with other world class analysts
  • Quickly correlate multiple data sources and apply various analytical techniques to determine the best remediation strategy, in order to track incidents to completion
  • Isolate, review, and analyze software of unknown origin to quickly determine intent
  • Build and document tactics, techniques, and procedures for logging, forensics, and analysis of alerts and anomalies
  • Stay current with the latest cyber security subject matter, driven by a demonstrated hunger and passion for the industry
  • Serve as the highest escalation point for technical analysis and response during investigations
  • Provide subject matter expertise during meetings with senior leaders and business security partners
  • Collaborate across engineering, threat intelligence, and other operational teams to enhance detection strategies
  • Provide mentorship, training, and development to junior-tier analysts

Candidate Evaluation Criteria:

Candidates will be evaluated based on their proficiency in the following competencies:

  • SIEM experience in creating custom queries, data-models, correlated alerts, and dashboards
  • Ability to pivot across different data sources to understand the impact of events and the associated risk
  • Ability to recognize anomalous activity and improve analytics using institutional knowledge of the environment
  • Expert knowledge and understanding of adversary TTPs and the attacker kill chain
  • Advanced understanding of malware and associated behavior
  • Excellent analytical and problem-solving skills
  • Self-motivated, independent thinking, with a willingness to consistently challenge the status quo
  • A deep desire to persevere and win in a challenging and fast moving operational environment
  • Experience working in a dynamic and collaborative environment; able to speak about complex and technical topics with both technical and non-technical colleagues

Position Requirements:
  • At least 5 years of experience in the following:
    • Network/host-based intrusion analysis, malware analysis, and threat intel
    • Incident response, computer forensics, and threat hunting
    • Knowledge of advanced attack vectors
    • Data analytics used in detecting patterns of anomalous behavior
  • Bachelor's degree or higher in a technical field, or equivalent work experience
  • In-depth knowledge of cyber security monitoring and incident response procedures
  • Solid understanding of network protocols and architecture
  • Strategic thinker and problem solver with excellent analytical and reporting skills
  • Ability to leverage both open-source and commercial tooling to quickly close investigations
  • Broad information technology experience in designing remediation plans
  • Strong oral, written, organizational, and interpersonal skills

Preferred Qualifications:
  • 2 - 4 years of experience with programming languages such as Python, PowerShell and C#
  • Familiarity with cloud technologies such as AWS, Azure, Google Cloud and associated services (SaaS, IaaS, etc.)
  • Experience with defensive as well as offensive tools and operations
  • Knowledge of advanced malware analysis techniques
  • SANS/GIAC or Offensive Security certifications

Bridgewater Associates, LP is an Equal Opportunity Employer.

Please note that we do not provide immigration sponsorship for this position.