Senior Security Operations Analyst
Oper 46 Frankfurt, Germany
Bullish
Bullish is a regulated and audited global cryptocurrency exchange with tier-1 licenses where you can securely buy, sell and trade digital assets including Bitcoin and Ethereum. Trade spot and derivatives.

The Bullish Group has built an ecosystem focused on developing financial services for the digital assets sector through technology and investment businesses. These include:

Bullish Exchange - digital asset trading services that utilize central limit order matching and proprietary market making technology to deliver deep liquidity and tight spreads within a compliant framework. The business is licensed by the Hong Kong Securities and Futures Commission, German Federal Financial Supervisory Authority, and the Gibraltar Financial Services Commission. Since its launch in November 2021, Bullish Exchange has surpassed US$1.3 trillion in total trading volume, with 2H 2024 average daily volume exceeding US$2 billion.

Bullish Capital - an investment company which offers strategic capital, industry expertise and an extensive network of resources to support initiatives that connect conventional finance with the revolutionary possibilities of the digital economy.

CoinDesk - an award-winning media, events, indices and data business servicing the global crypto economy.
Reports to:
Information Security Manager, Security Operations & Incident Response

We are seeking a Senior Security Operations Analyst to join our global security operations and incident response team. In this highly critical role, you will be responsible for monitoring and analyzing security incidents, responding to threats in real time, and ensuring the integrity of our systems and platforms. Your expertise will help identify vulnerabilities and enhance our security posture through proactive measures and collaboration with cross-functional teams. This position requires a keen analytical mindset, a strong understanding of security technologies, and the ability to thrive in a fast-paced environment.
Role & Responsibilities
Work closely with the SOC Manager across daily activities of the Security Operations Center (SOC) to ensure Service Level Objectives are achieved.
Continuously monitor security alerts and incidents using SIEM tools and other security technologies.
Create detection use cases in the SIEM, analyze security event data for proactive threat hunting, and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities.
Respond to security incidents, performing initial analysis and escalation as necessary.
Participate in incident response planning and execution, ensuring timely containment and remediation of security breaches.
Research and analyze emerging threats and vulnerabilities to adapt security measures accordingly.
Document security incidents, identify gaps from incidents and recommend improvements, develop and maintain incident response plans and SOPs.
Prepare detailed reports for stakeholders on security incidents and trends.
Work closely with cross-functional technical teams to ensure the security of systems and data.
Participate in the on-call rotation for after-hours coverage, which includes responding to security incidents and performing containment and forensic investigations.
Experience & Qualifications
BS/BA degree in Cyber Security/Computer Science, or an equivalent combination of related work experience, desired.
CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User and/or similar certifications are preferred.
Verifiable experience in Security Operations and Incident Response.
Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle.
Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.
In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR, etc.
Very strong understanding of networking protocols, operating systems and cyber security concepts and technologies.
Experience in forensic tools and malware analysis is a plus.
Experience with Cloud environments such as AWS/GCP/Azure is a plus.
Ability to work across different regions in a process/procedure driven organization.
Excellent verbal and written communication and presentation skills.
Bullish is proud to be an equal opportunity employer. We are fast evolving and striving towards being a globally-diverse community. With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they are encouraged to bring to work every day.
Perks/benefits: Team events