At T. Rowe Price, we identify and actively invest in opportunities to help people thrive in an evolving world. As a premier global asset management organization with more than 85 years of experience, we provide investment solutions and a broad range of equity, fixed income, and multi-asset capabilities to individuals, advisors, institutions, and retirement plan sponsors. We take an active, independent approach to investing, offering our dynamic perspective and meaningful partnership so our clients can feel more confident.
We believe doing the right thing for our clients and our associates is good business. With a career at the firm, you can expect opportunities to create real impact at work and in your community. You’ll enjoy resources to support your career path, as well as compensation, benefits, and flexibility to enrich your life. Here, you’ll find a collaborative culture that respects and values differences and colleagues who share a spirit of generosity.
Join us for the opportunity to grow and make a difference in ways that matter to you.
Overview
The Senior Cyber Security Analyst for Incident Response will work in an environment where challenging technical and security issues in a dynamic operational environment will test knowledge, skills and abilities as they relate to incident response, forensics and cyber threat hunting. The Senior Cyber Security Analyst for Incident Response will: use data collected from cyber defense tools to analyze events for the purposes of finding and mitigating threats; Investigate, analyze, and respond to cyber incidents; Evaluate security controls against the current threat landscape and organizational architecture and provide recommendations for enhancement ; Cultivate an active partnership with Enterprise Architecture, Technology Platform and Application Owners as they are accountable for the secure design, configuration, and operation of their environments.
Role summary and job responsibilities
Accountable for all aspects of the cyber security analysis process for their work
You will contribute to the development of and improvement in cyber security standard methodologies within your group
Leads analysis and actively participates in providing feedback on team members’ work
Ability to lead a team on cyber analysis or incident response
Ability to break down complex or vague problems and steps through them in a rational way
Flexible in his or her thinking; able to evolve a solution when additional information or ideas are presented
Decisions and recommendations distinguish between near term mitigation and required future investments
Identifies when junior resources need help and provides mentoring in a positive way that promotes confidence
You will help team members/make suggestions to improve practices
On-call rotation 1 week per month, with
Other duties as assigned
Working hours are 8:00 a.m. to 5:00 p.m. for the Singapore-based role and 11:00 a.m. to 7:00 p.m. for the Sydney-based role. Associates may occasionally be required to work outside these hours based on business needs
Business knowledge
Can articulate cyber security risk and translate into practical solutions to technology teams
Thorough knowledge of the cyber analysis program associated objectives
Requirements
Typically, 4+ years of relevant experience
Up to date with relevant cyber security threats and counter measures
Shows a commitment to quality by implementing suitable solutions
Leads work reviews and actively participates in providing feedback on others’ work
Performs as an expert in one or more cyber security programs.
Deep understanding of TCP/IP, OSI model and component and systems dependencies concepts.
Deep understanding of incident response processes and procedures
Utilizes Cyber Threat Intelligence and Cyber Security Awareness concepts to influence work
In depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, and SIEM
Knowledgeable in Cyber risk management frameworks knowledge, web application technologies, and network and systems forensics
Ability to investigate and analyze malicious code
Ability to work as part of a team, show initiative and take on new tasks as assigned
Ability to perform risk analysis and communicate that risk to others
General understanding of AWS, Azure and/or Google Cloud
Preferred
Experience in a 24x7 global enterprise, preferably in the Financial industry
SANS GIAC certifications (such as GREM, GCIH, GCFA)
In-depth knowledge of malware analysis tools
Scripting experience, preferably Python and/or Powershell
Splunk knowledge
General system administration
Commitment to Diversity, Equity, and Inclusion:
At T. Rowe Price, our associates are our greatest asset. We thrive because our company culture is built on inclusion and because we sustain a work environment where associates can bring their best selves to work every day. The backgrounds, talents, and experiences of our global associates allow us to embrace new ideas and perspectives that move our business priorities forward and enable us to deliver strong client outcomes. Here, you can expect equal opportunity and fair and consistent treatment for all.