Endpoint Security Analyst , AVP
Kilkenny, Ireland
State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.State Street is seeking an Endpoint Security Analyst for our Security Platforms team, which is part of the State Street Cyber Fusion Center. This team designs, manages, and supports the security tools which enable security operations across State Street. These tools are critical to State Street’s security, enabling threat detection, incident response, threat hunting, vulnerability management, and other key functions. This is a priority role in a growing team, with multiple positions to be filled. Preferred locations are Ireland (Dublin, Kilkenny, or remote). Shift work, onsite in Kilkenny, will be required for this role.
Who are we looking for
An experienced security analyst with expertise in endpoint detection and response (EDR) products, as well as anti-malware tools and other endpoint security controls. This person will join State Street’s Security Platforms team, which is responsible for designing, configuring, and supporting the key security tools supporting our Cyber Fusion Center. Success in this role will require security knowledge, expertise in enterprise security tools, and problem-solving skills.
What will you be responsible for
- Ensuring the security of State Street by delivering the most capable and reliable security tools for our incident responders and threat hunters
- Educating other teams within the Cyber Fusion Center on the capabilities and use cases of our security platforms, including in threat detection, incident response, threat hunting, and insider investigations
- Managing some of the most important security controls at State Street.
- Maintaining our key security platforms to ensure high reliability, availability, and performance
- Managing the deployment of endpoint agents and liaising with partner teams in global technology to ensure full coverage of our complex environment
- Delivering rapid and effective solutions to emerging security threats and new requirements
- Implementing novel technical solutions to integrate internal systems and automate repetitive processes, in order to improve security, boost efficiency, and increase the value of our platforms
- Tuning and upgrading system components, following internal testing and change management processes
- Contributing to projects that improve current capabilities, drive adoption, and enable future growth
What we value
- Experience operating or supporting platforms used in incident response, threat detection, or threat hunting (e.g., Splunk, Tanium, CrowdStrike, Cylance)
- Familiarity with multiple open source and commercial security tools including their use cases, capabilities, and limitations
- Strong foundational security knowledge, specifically in large and complex organisations
- Understanding of current security threats and other challenges, as well as frameworks like MITRE ATT&CK
- Experience of a 24/7 security operations environment emphasising speed of response, reliability, and system availability
- A desire to learn, combined with a collaborative work style and strong personal work ethic
- Strong communication and presentation skills, both verbal and written
Education & Preferred Qualifications
- This is a role for an experienced security professional, expected to have 5+ years of relevant security and systems management experience (at least 3 years in security)
- Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter, Cylance Security Professional, Splunk Certified Admin / User, SentinelOne Certified Administrator / Incident Responder)
- A degree is not required for this role, but a qualification in information security or information systems may be beneficial, or relevant industry certifications
- Experience with scripting, system integration, or light development would be beneficial (e.g., Python, PowerShell, other scripting)
- Experience in distributed, international teams would be beneficial
- Experience in financial services may be beneficial
#cyberireland
#cyberpoland
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CrowdStrike EDR Endpoint security Incident response Malware MITRE ATT&CK Open Source PowerShell Python Scripting Splunk Threat detection Vulnerability management
Perks/benefits: Career development
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.