Automation Engineer - Technical Consultant, Cyber Defence Operations
About the opportunity
Department Description
The Global Cyber & Information Security function is a part of the Global Technology department. The Global Technology Group function provides IT services to the Fidelity International business. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day-to-day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Global Cyber & Information Security is made up of the following functions:
- Application Security
- Centralised Access Management
- Infrastructure Security
- Security Engineering and Architecture
- Security Application Support
- Cyber Defence Operations (CDO)
- Information Security (and the ISO function)
The Cyber Defence Operations function at Fidelity International is part of the Global Cyber & Information Security (GCIS) Group, reporting to the Head of Global Cyber & Information Security. Our mission is to develop an intelligence-led, proactive cyber security response to defend Fidelity and its assets from cyber threats, to reduce risk and business impact. We adopt an 'assumed breach' position using multiple in-depth capabilities for protection, detection and response along with established playbooks to enable rapid response when an event occurs.
Purpose of your role
The successful candidate will be experienced in security operations, understanding the value of automated security actions and how this can enhance an analyst's response to events. This is a critical role expected to build and maintain our security automation capability and help mature our monitoring and response processes.
The successful candidate will be comfortable working at a deep technical level, proactively suggesting automation actions whilst also being able to prioritise automation suggestions from our front-line team. The successful candidate will be able to demonstrate understanding of frontline security analysts' workloads, experience in simplifying and automating security actions and an understanding of how best to maintain automation tooling. The role will be supported by a global team of detect and respond analysts who are looking at this role to provide them with capacity to perform more advanced hunting across our estate. It will also be supported by a strong security leadership team who are keen to develop our automation capability underpinned by our investment in leading security tooling. Our leadership team will be looking at this role to significantly decrease our time to respond - a key KPI for us.
Key Responsibilities
• Ensure simple, repeatable, manual tasks are automated
• Ensure a "best-practice" program is in place to manage and maintain our security automations
• Proactively suggest automations to our frontline teams
• Develop an automation strategy, initially focussing on quick-wins that can immediately help free up analyst time
• Create regular workshops to obtain automation suggestions from our frontline teams
• Ensure multiple security controls are feeding into automation technologies allowing us to make intelligent correlated decisions
• Working with other security teams to look at how we can use their data to enhance our own monitoring
Experience and Qualifications
• Experience and strong understanding of frontline security operations
• Competent in scripting languages required for automation, e.g. KQL, C, C++, Java, Python, etc.
• Experience creating or continually improving an automation program
• Some reporting ability, with an understanding of how to tailor reports to show capacity and efficiency improvements
• Familiarity with how to build automations in a scalable, easily maintainable way
• In-depth understanding of modern security automation technologies
• Understanding of how raw security data can flow between technologies and be manipulated to provide useful security information.
• Experience in cloud environments would be desirable
• Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.
• Banking or Finance industry related experience desirable
• Security Engineering certifications preferred
Your skills and experience
Soft skills
- Analytical skills
- Challenge the current processes
- Passion for the cybersecurity field
- Time management
- Able to organize others
Nice to have
- At least 2 years of experience working in a SOC or Incident Response position.
- Knowledge of or experience working with security (SIEM, NetFlow, IDS/IPS, Anti-Virus)
- Experience explaining the risk of security threats and creating mitigations.
- Experience of general IT infrastructure technologies and principles.
- Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL.
- Understanding of Networking Architecture (OSI Model).
- Experience using data science or advanced analytical tools to solve security incidents.
- Ability to automate tasks using scripting on both Windows and Linux systems.
- Experience dealing with security incidents using the NIST framework.
- Nice-to-have certifications: Security+, Network+, GCIA
About you
About Fidelity International
Fidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally. As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 locations and with $611.4 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.
Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $471 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.
Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more.
As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond.
Data as at 30 September 2020. Read more at https://www.fidelityinternational.com/
Applying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen.