London Stock Exchange Group Careers – Principal GSOC L3 Analyst In Edinburgh

Overview

Position Title: Principal GSOC L3 Analyst

Company: LSEG (London Stock Exchange Group)

Location: Edinburgh, Scotland, United Kingdom

Job Description

Provides timely and accurate end-of-day evaluations. Evaluations are used by banks, brokerage houses, insurance companies, and asset managers for client statements, research, risk analysis, and portfolio valuation. Analyzes collateral, prepayment speeds, waterfalls, and trading activity. Obtains quotes from trading desks, analyzing these quotes, and applying them to appropriate issues. Conducts quality control checks to insure pricing accuracy. Consults directly with customer contact. Handles most price challenges unless the customer strongly disagrees with the pricing levels. If the customer strongly disagrees, the price challenge would then be reviewed by the Lead.

Responsibilities:

• Serve as a focal technical lead on cyber security events and incidents.
• Provide technical, hands-on incident investigation and support and serve as a primary point of contact with management.
• Conduct complex digital forensics and advanced malware analysis investigations.
• Preserve, harvest and analyse data from computer systems including desktops, servers (virtual/physical) and mobiles.
• Manage the chain of custody for all evidence collected during incidents, security, and forensic investigations.
• Build and enhance defensive capabilities using monitoring technologies including SIEM and EDR.
• Perform proactive threat hunting to identify cyber threats.
• Train level 2 incident responders in the steps to take to investigate and resolve computer security incident

Requirements:

• Digital forensics/incident response certification(s) such as SANS, CREST or equivalent.
• Deep understanding of common cyber adversary tools, techniques and procedures.
• Strong working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware.
• Experience in security event analysis & triage, incident handling and root-cause identification.
• Knowledge of common incident handling frameworks (e.g. NIST, SANs).
• Experience in automating and refining incident response procedures/playbooks to maximise incident response efficiencies.
• Competent with one or more programming languages (e.g. Python, PowerShell, Java, C#).
• Experience with operating or administrating a SIEM (e.g. Splunk/QRadar/LogRhythm).
• Ability to build relationships and engage with all levels within an organisation.
• Ability to work with a sense of urgency while remaining calm under pressure.
• Strong verbal and written communication and collaboration skills.