HiringCafe
Posted 1mo ago

Adversary Emulation Analyst

@ TP ICAP
View All Jobs
London, England, United Kingdom
HybridFull Time
Responsibilities:Defining and executing, Simulating attacker TTPs, Tuning security rules
Requirements Summary:Experience emulating cyber-attacks (Purple/Red Team), security tooling development, AWS familiarity, SOC collaboration, offense/defense knowledge.
Save
Mark Applied
Hide Job
Report & Hide
Job Description

The TP ICAP Group is a world leading provider of market infrastructure.

Our purpose is to provide clients with access to global financial and commodities markets, improving price discovery, liquidity, and distribution of data, through responsible and innovative solutions.

Through our people and technology, we connect clients to superior liquidity and data solutions.

The Group is home to a stable of premium brands. Collectively, TP ICAP is the largest interdealer broker in the world by revenue, the number one Energy & Commodities broker in the world, the world’s leading provider of OTC data, and an award winning all-to-all trading platform.

The Group operates from more than 60 offices in 27 countries.  We are 5,300 people strong.  We work as one to achieve our vision of being the world’s most trusted, innovative, liquidity and data solutions specialist.

Role Overview:

TP ICAP are seeking an experienced Red/Purple team operator to assist the Adversary Emulation Manager with elevating TP ICAP’s prevention and detection capability.  

Role Responsibilities:

  • Define and execute purple team sprints that materially and demonstrably improve TP ICAP’s ability to prevent and detect modern attacks.

  • Simulate both established and emerging attacker TTPs and personally build the respective detection rules and response procedures.

  • Through the delivery of purple team sprints, identify opportunities to reduce TP ICAP’s attack surface using preventative controls.

  • Work in tandem with the SOC to:

    • Tune existing rules and increase alert fidelity/decrease alert fatigue

    • Include analysts on the purple team journey, aiding in staff retention

    • Train analysts in modern attacker TTPs and the ‘attacker mindset’

  • Work with the Security Engineering team as necessary to support the deployment and tuning of security-related tooling, particularly those that pertain to prevention and detection.

  • Develop processes for attack surface monitoring and constant validation through automation.

  • Act as an escalation point for the SOC and assist with incident response.

  • Feed into prioritisation of sprint focus areas.

Experience/Competencies

  • Practical experience emulating sophisticated cyber-attacks, likely in a Purple or Red Team capacity.  

  • Active contributor to offensive security research and/or tooling, perhaps presenting this research at industry-recognised conferences and forums.

  • Able to evade defensive controls such as EDR and AV, tailoring open-source tooling and rolling your own where required.

  • Experience working closely with the SOC to build detection capability.

  • Strong knowledge of offensive security and modern attacker TTPs.

  • Familiarity with Mitre ATT&CK.

  • Development/automation experience.

  • Familiarity with AWS is preferred.

Role Band & Level: Manager / 6

#LI-Hybrid #LI-MID

Not The Perfect Fit?

Concerned that you may not meet the criteria precisely? At TP ICAP, we wholeheartedly believe in fostering inclusivity and cultivating a work environment where everyone can flourish, regardless of your personal or professional background. If you are enthusiastic about this role but find that your experience doesn't align perfectly with every aspect of the job description, we strongly encourage you to apply. You may be the ideal candidate for this position or another opportunity within our organisation. Our dedicated Talent Acquisition team is here to assist you in recognising how your unique skills and abilities can be a valuable contribution. Don't hesitate to take the leap and explore the possibilities. Your potential is what truly matters to us.

Company Statement

We know that the best innovation happens when diverse people with different perspectives and skills work together in an inclusive atmosphere. That's why we're building a culture where everyone plays a part in making people feel welcome, ready and willing to contribute. TP ICAP Accord - our Employee Network - is a central to this. As well as representing specific groups, TP ICAP Accord helps increase awareness, collaboration, shares best practice, and holds our firm to account for driving continuous cultural improvement. 

Location

UK - 135 Bishopsgate - London