Cyber MUM AD

Position Overview

ABOUT APOLLO

Apollo is a high-growth, global alternative asset manager. In our asset management business, we seek to provide our clients excess return at every point along the risk-reward spectrum from investment grade to private equity with a focus on three investing strategies: yield, hybrid, and equity. For more than three decades, our investing expertise across our fully integrated platform has served the financial return needs of our clients and provided businesses with innovative capital solutions for growth. Through Athene, our retirement services business, we specialize in helping clients achieve financial security by providing a suite of retirement savings products and acting as a solutions provider to institutions. Our patient, creative, and knowledgeable approach to investing aligns our clients, businesses we invest in, our employees, and the communities we impact, to expand opportunity and achieve positive outcomes.

OUR PURPOSE AND CORE VALUES

Our clients rely on our investment acumen to help secure their future. We must never lose our focus and determination to be the best investors and most trusted partners on their behalf. We strive to be:

The leading provider of retirement income solutions to institutions, companies, and individuals.

The leading provider of capital solutions to companies. Our breadth and scale enable us to deliver capital for even the largest projects – and our small firm mindset ensures we will be a thoughtful and dedicated partner to these organizations. We are committed to helping them build stronger businesses.

A leading contributor to addressing some of the biggest issues facing the world today – such as energy transition, accelerating the adoption of new technologies, and social impact – where innovative approaches to investing can make a positive difference.

We are building a unique firm of extraordinary colleagues who:

Outperform expectations

Challenge Convention

Champion Opportunity

Lead responsibly

Drive collaboration

As One Apollo team, we believe that doing great work and having fun go hand in hand, and we are proud of what we can achieve together.

OUR BENEFITS

Apollo relies on its people to keep it a leader in alternative investment management, and the firm’s benefit programs are crafted to offer meaningful coverage for both you and your family. Please reach out to your Human Capital Business Partner for more detailed information on specific benefits.

POSITION OVERVIEW:

The Analyst role is within the Cybersecurity Architecture & Engineering group that oversees and manages the security of Apollo’s applications, cloud, email, identity, infrastructure and Operating Systems across the organization.  This role focuses on day-to-day security tasks, managing tickets, creating dashboards, automating tasks, and tracking important security metrics.  It’s a great opportunity for someone relatively new to the field who wants to grow their skills while working on meaningful projects. The ideal candidate is a self-driven cybersecurity professional with hands-on experience in infrastructure security and/or infrastructure/networking system administration. They should be well-versed in managing a Microsoft technology stack, including Windows Server OS, Active Directory, Group Policy, with experience in Linux being a strong plus. Additionally, the candidate should have experience with cloud IaaS platform, virtualization, and containerization.

In this position, the candidate will perform various tasks directed by Cyber management, including monitoring security tools and systems, handling tickets, and assisting with platform deployments. They will create dashboards and metrics to track system health and security trends, automate repetitive tasks, and work with other teams to ensure systems and applications are secure. The role involves writing clear guides and checklists, staying updated on the latest security trends, and reviewing CSPM/CNAPP and other tools to identify and prioritize risks. The candidate will also review firewall requests, increase compliance of server backups, and collaborate with internal teams to design secure solutions for business-critical platforms and applications.

PRIMARY RESPONSIBILITIES

• Daily Tasks
  • Perform duties as directed and prioritized by Cyber management.
  • Effectively communicate and interact with colleagues across the Cyber Security team, as well as the broader Global Technology and Infrastructure teams.
  • Monitor security tools and systems to identify and help fix risks.
  • Monitor backups, track Cyber tools on systems are up-to-date and working as expected.
  • Work with ServiceNow tickets/queue to handle security issues, requests, and changes. 
  • Field after-hours escalations and support, work with SOC as needed.
  • Research & develop operational improvements and engineering best practices for in-scope areas.
  • Assist with new platform deployments and administration of existing ones.
• Dashboards and Metrics
  • Create easy-to-understand dashboards showing system health and security trends.
  • Track and report on security metrics like risks fixed, system updates, and compliance.
  • Help automate repetitive tasks to save time and reduce errors.
• Teamwork
  • Work with other teams to review systems and applications, ensuring they’re secure.
  • Help set up better processes and tools for monitoring and alerting on security issues.
• Documentation
  • Write clear guides and checklists for security tasks and tools.
  • Look for ways to make processes smoother and suggest improvements.
• Learning
  • Stay updated on the latest security trends and tools.
  • Use training and mentoring opportunities to build your skills.
• Effectively communicate and interact with colleagues across the Cyber Security team, as well as the broader Global Technology and Infrastructure teams.
• Review CSPM/CNAPP and other tools to identify risks, work to prioritize findings and drive remediation efforts.
• Review firewall requests and provide approvals as appropriate.
• Increase compliance of server backups and adoption of cyber tools on system assets.
• Identify gap areas, platforms, technologies or processes that have opportunity for improvement.

• Work in concert with application, development, infrastructure and product teams to design secure solutions for business-critical platforms and applications.
• Conduct reviews of existing and incoming applications & platforms being onboarded into the environment for design best practices, controls and adherence to standards.
• Monitor and track KPI’s including Developer engagement and training associated with the AppSec program.
• Work with Development/DevOps team(s) to integrate AppSec tools into the CI/CD pipeline advancing the overall SDLC and automated security testing.
• Assist the Cyber Vulnerability Management team and help drive code remediation efforts.
• Help operationalize certificate management and renewal of certs, maintain ServiceNow data quality for in-scope applications.
• Collaborate with internal teams to assess security posture and controls, participate in triage for Major Incidents and cyber investigations as directed.
• Stay current with the latest security trends and threats, applying this knowledge to improve our overall security posture.
• Document runbooks, best practices, standards, controls and team initiatives using operationally repeatable patterns.

Qualifications & Experience

• At least 10-15 years of hands-on professional experience in infrastructure security or 5 to 7 years of IT infrastructure systems administration with a security focus.

• Well versed in managing a Microsoft technology stack including Windows Server OS, Active Directory, Group Policy, Exchange/O365, SQL and PowerShell.  Experience managing Linux is a strong plus.

• Experience with Azure and VMware vCenter.

• Bachelor’s Degree in Computer Science, Information Technology/Security related field or comparable level of certifications (combination of MCSE, CISSP, CCNA, ITIL, VCP, CompTIA Sec+ etc.)
• Familiarity with systems management, CMDB, ticketing, inventory or SaaS security tools.
• Excellent collaboration, critical thinking skills and the ability to work in a dynamic environment.
• Familiarity with industry security standards and frameworks such as NIST, ISO 27001 or MITRE ATT&CK.
• Familiarity with the regulatory environment of the financial services industry or a similarly regulated industry and its impact on infrastructure security is a plus.

• Apollo provides equal employment opportunities regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, colour, nationality, ethnic or national origin, religion or belief, veteran status, gender/sex or sexual orientation, or any other criterion or circumstance protected by applicable law, ordinance, or regulation. The above criteria are intended to be used as a guide only – candidates who do not meet all the above criteria may still be considered if they are deemed to have relevant experience/ equivalent levels of skill or knowledge to fulfil the requirements of the role. Any job offer will be conditional upon and subject to satisfactory reference and background screening checks, all necessary corporate and regulatory approvals or certifications as required from time to time, and entering into definitive contractual documentation satisfactory to Apollo.