Senior Cybersecurity Analyst

Location: New York

Senior Cybersecurity Analyst page is loaded## Senior Cybersecurity Analyst locations:
New Yorktime type:
Full time posted on:
Posted 5 Days Agojob requisition :
JR100884
** Who we are looking for:
** First Eagle is seeking a Senior Cybersecurity Analyst hire. The successful candidate is responsible for leading the design, implementation, and continuous improvement of cybersecurity controls and monitoring systems. This role involves advanced threat detection, events investigations, incident response, vulnerability management and ensuring compliance with regulatory and organizational security standards. The Analyst will serve as a technical expert, helping to safeguard the confidentiality, integrity, and availability of enterprise systems and data.
*
* What you will do:

** Threat Monitoring & Incident Response
* Lead proactive monitoring of security events and alerts using SIEM and EDR tools
* Investigate, analyze, and respond to cybersecurity incidents and breaches
* Functions as the secondary responder to the MSSP for security incidents, ensuring timely escalation and support coverage during nights, weekends, and on a 24/7 basis when operationally required
* Coordinate incident response and forensics efforts across IT and business units
* Develop and maintain incident response playbooks and procedures
* Works with SIEM solution to improve log analysis and correlation, build dashboards to show alerting and security posture
* Execute and improve the core functions of incident response including threat detection and prevention, incident response, systems and network security monitoring, forensics and vulnerability management at enterprise scale
* Review alerts and data from systems and responds appropriately, including documentation and escalation
* Ensure the monitoring of intrusion detection and security information management systems to discover and mitigate malicious activity on networks if any detected
* Develop tactical response procedures for security incidents
* Recommend and implement mitigating actions to contain incident related activity
* Act as point-person for investigations of security violations through endpoint and network forensics
* Review computer security incident reports and anomalous activity of network and ensures ongoing proactive measures to mitigate risks

Risk Management & Vulnerability Assessment
* Conduct regular vulnerability scans, penetration testing coordination, and remediation tracking. Coordinate with internal IT engineers to prioritize patching efforts
* Work with third party penetration testing providers to review FEI environments
* Assess emerging threats and propose strategies to mitigate risks
* Maintain and report on the organization’s risk posture and security KPIsSecurity Architecture & Governance
* Administer and optimize various tools including Endpoint Detection, SIEM, IDS/IPS, Data Classification, anti-virus and anti-malware systems
* Advise on secure design principles for infrastructure, applications, and cloud environments
* Attend threat intelligence calls and updates with current Managed security service Provider; assist in managing the relationship and services with our MSSP
* Review and enhance cybersecurity policies, standards, and procedures
* Ensure compliance with frameworks such as NIST, ISO 27001, CIS Controls, and regulatory mandates (e.g., GDPR, SOX, SEC, FINRA)
* Responsible for building and maintaining Information Security metrics, reports and dashboards working with the CISO and other IT teams as required; dashboards may include but are not limited to vulnerability management, phishing, and 3rd party risk and incident response metrics

Security Awareness & Training
* Responsible for administering the cyber security awareness training program for all employees
* Administer and maintain third-party phishing simulation platform

Operational Management
* Produce and maintain regular written and in-person communications regarding pertinent security activities
* Produce and maintain procedures and policies pertaining to the information security program and its technologies
* Actively work with department technical and business colleagues to ensure optimal security solutions for the business needs
** The qualities you should have:
*** Undergraduate degree in computer science, engineering or related field and/or 5+ years working in a security operations center or information security related department
* 5+ years' experience of using SIEM and EDR tools to build alerts and dashboards
* CISSP or CISA preferred
* Previous experience in the financial services industry is a plus
* Have strong hands-on experience with SIEM and vulnerability tools, Endpoint Detection and Response Tools for incident response
* Experience with and strong understanding of:
+ Administering Data Loss Prevention tools  + IT security regulations and best practices  + IT audit frameworks like COBiT, ITIL and NIST  + Hardening applications and OSs including Windows and Linux  + TCP/IP, LAN, WAN and endpoint security technologies  +…