Listing Description
Bridgewater Associates is focused on understanding how the world works. By having the deepest possible understanding of the global economy and financial markets, and translating that understanding into great portfolios and strategic partnerships with institutional clients, we've built a distinct track record of success. We've done this for more than 40 years by having great people operate in a culture of radical truth and radical transparency. Today, we manage about $160 billion for approximately 350 of the largest and most sophisticated global institutional clients including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.
Security Department Overview:
Our group is responsible for protecting Bridgewater’s people, culture, and ideas — specifically its investment engine, which manages over $160 billion in assets. We are implementing a three-pronged structure of staff, cyber, and physical security and investing in world-class practitioners and cutting-edge technology to help us hold the highest standards in the ever-changing threat landscape. We’re committed to becoming the most innovative and formidable security team in the world.
Position Summary:
The Cyber Security Principal Analyst is Bridgewater’s last line of defense, responsible for building, testing, and operating systems to monitor all activity on our network, as well as developing innovative solutions to track and defend against sophisticated adversaries. Successful applicants will have in-depth technical knowledge of adversary tactics, techniques, and procedures; have the ability to build analytics that can be applied to the discovery and tracking of advanced adversaries; the ability to analyze, correlate, and interpret complex events and anomalies to find indicators of attack; and the ability to innovate detection techniques leveraging engineering teams based on the advanced threats of today and the future. The Principal Analyst role is able to assume incident command during IR, communicate clearly, and collaborate with other experts with the proven ability to transfer knowledge and inspire a growth mindset.
Candidate Evaluation Criteria:
Candidates will be evaluated based on their proven track record of proficiency at the following competencies:
• SIEM experience in custom queries, searches, data models, creating correlated alerts, and dashboards
• Ability to pivot across different data sources to understand events, their impact, and associated risk
• Ability to understand anomalous activity and improve analytics using institutional understanding
• Expert knowledge and understanding of adversary TTPs and the attacker kill chain
• Advanced understanding of malware and malware behavior
• Expert analytical thinking
• Self-motivated, independent thinking, willing to challenge the status quo
• A deep desire to win and persist in a challenging and fast-moving environment
• Experience working in a dynamic and collaborative environment, able to speak about complex and technical topics with non-technical and technical colleagues
Position Requirements:
• Broad understanding of the risks facing the technology industry, including current and emerging threats
• Bachelor’s degree or higher in a technical field or equivalent work experience
• In-depth knowledge of cyber security monitoring and incident response procedures
• Solid understanding of network protocols and architecture
• Strategic thinker and problem solver with excellent analytical and reporting skills
• Ability to leverage both open-source and commercial tooling to quickly close investigations
• Broad information technology experience to design remediation plans
• Strong oral and written communication, organization, and interpersonal skills
Preferred Experience with:
• Scripting/programming (Python, PowerShell, Lua, C, Bash, etc.)
• Cloud technologies such as AWS, Azure, etc.
• Offensive tools and techniques
• Knowledge of advanced malware analysis techniques
• Certifications in SANS, Offensive Security
Responsibilities:
• Monitor for and investigate internal and external threats leveraging best-of-breed technologies, surrounded by world-class analysts
• Quickly correlate multiple data sources and apply various analytical techniques to determine the best remediation strategy, and track incidents to completion
• Isolate, review, and analyze software of unknown origin, and quickly determine intent
• Build and document tools and processes for logging, forensics, and analysis of alerts and anomalies
• Keep up to date with current trends, tactics, and vulnerabilities in the security space
• Serve as the highest escalation point for technical analysis and response during investigations
• Provide mentorship, training, and development to junior-tier analysts
Listing Details
- Citizenship: No Requirements
- Incentives: Not Provided
- Education: No Requirements
- Travel: No Travel
- Telework: Optional Telecommute