Senior Cyber Security Engineer - Threat Detection (VP)
SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance.
Role Description
You will be a key member of a high-performing team responsible for security detection and monitoring capabilities and strategy. The team has a mixture of offensive and defensive cyber security expertise. The successful candidate will execute and drive detection engineering with minimal guidance.
Role Objectives
1. Data ingestion: selection and implementation of optimum data flows to ingest security data to our systems.
2. Data optimization: identify and filter data to relevant systems, such as SIEM for rule detection and Data Lake for investigations and incident response.
3. Identify, resolve and document operational issues and report time to respond and time to resolve.
4. Deliver a detection strategy to ensure SMBC is compliant with various Cyber Security Controls and prepared for Emerging Threats by implementing actionable security detections.
5. Creation and tuning of alerts and detections from a SIEM and other devices in response to changing threats.
6. Work with detection as code pipeline with built-in change control.
7. Build automated verification suites of our rule set to ensure rules are behaving as expected.
8. Conduct advanced adversary simulations to assess the effectiveness of our detections.
9. Integrate outputs from red teaming into security strategies.
10. Onboard new security tools to SOC monitoring including testing and verification.
11. Develop and implement enhancements to assist in detection, prevention, and analysis of security threats.
12. Automate robust enterprise solutions reducing manual effort.
13. Conduct proactive research to analyze security weaknesses and recommend strategies.
14. Manage tasks in an agile manner.
15. Collaborate across functions and vendors to drive implementation and enhancements of security detection capabilities.
16. Assess the effectiveness of cybersecurity measures utilized by systems.
17. Employ configuration management processes.
18. Design, develop, integrate, and update system security measures.
19. Develop mitigation strategies to address risks.
20. Trace system requirements to design components and perform gap analysis.
21. Measure and track metrics for the detection engineering process.
22. Maintain and create documentation in support of detection and response capabilities.
23. Provide mentoring, coaching, and professional development opportunities to team members.
Qualifications and Skills
1. 5+ years of relevant experience.
2. Experience with log analysis from multiple sources.
3. Experience with cloud SIEM, UEBA, NSM, EDR and/or other detection technologies.
4. Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
5. Ability to use logic and reasoning to identify solutions and improvements.
6. Experience building detection as code pipelines.
7. Experience mapping detections to the MITRE framework.
8. Expertise in query languages.
9. Strong troubleshooting ability.
10. Ability to balance operational tasks with project work.
11. Ability to translate threat intelligence into actionable detection logic.
12. Scripting ability.
13. Experience in other areas of Cyber Security is an advantage.
14. Work effectively and collaboratively in a global team environment.
15. Strong sense of self-ownership and attention to detail.
Additional Requirements
D&I Commitment: Responsible for fostering a culture of diversity and inclusion, holding leaders accountable for creating an inclusive environment.
SMBC’s employees participate in a hybrid workforce model that provides employees with an opportunity to work from home as well as from an SMBC office.
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.