London Stock Exchange Group (LSEG) houses a global Security Operations Center (SOC) responsible for the effective detection and prevention of, and response to, cyber-attacks against LSEG, its employees, assets, business operations and customers. The role of a Security Engineer analyst sits at the heart of the SOC, continuously building and improving detection capability within the department.
LSEG is looking for a passionate and technical security engineer who will enable the effective detection of modern attacker techniques by maintaining the existing detection estate, as well as building new detection capability. The successful candidate will be able to translate the requirements from the Threat Intelligence team into effective detection capabilities.
Furthermore, you will have an understanding of modern attacker Techniques, Tools and Procedures, have experience in modern SIEM technologies, and have a detailed understanding of security controls and how such controls contribute to the detection and prevention of threats.
In addition, the ideal candidate will have the following traits:
- Ability to work well under pressure.
- A continuous desire and willingness to learn and develop your existing knowledge and skillset.
- Frequently keeps up-to-date with the latest industry developments, utilising online resources such as blogs, social media and security-specific news outlets.
- Good verbal and written communication skills, with particular ability to communicate technical information to non-technical stakeholders.
Key responsibilities of the role:
- Build effective detection use cases within the chosen SIEM while minimising false positives.
- Utilise online resources for researching and collecting threat intelligence to enhance the SOC’s abilities to detect cyber-attacks.
- Utilise telemetry available throughout the LSEG environment to build and improve detection capabilities.
- Testing of existing and new detection use cases.
Essential Skills & Experience:
- Experience with administration of a SIEM.
- Strong working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware.
- Knowledge of current operating environments (Microsoft & Linux).
- Knowledge of information security protection, detection and authentication systems (firewalls, IDS, IPS, anti-virus, Active Directory etc).
- Understanding of tools, techniques and procedures that attackers use to compromise organisations, ideally from direct experience.
Beneficial skills, experience and certifications:
- Certification demonstrating SIEM operational competences.
- Experience with Security Orchestration, Automation and Response (SOAR) platforms.
- Basic knowledge of Python.
- Basic knowledge of AWS.