Fisher Investments is growing internationally, and we are looking for an Information Security Specialist to join our team to guide future global growth through strategic solutions and new ideas. You will help support our firm's diverse departments by managing security controls, identifying risks to our organization, and with Technology and Governance teams at an Enterprise level.
As the Information Security Specialist, you will provide support to the incident response, application and networking teams, and work with IT infrastructure, application development, security operations, security audit and end-user sources of information to ensure collection, correlation and reporting, and facilitation of corporate-wide security events.
You will provide preventive analysis of systems through product-specific SIEM tools and ancillary solutions used in security. You will also ensure SIEM solutions aid in the output of metrics to senior management to help maintain a safe and secure enterprise technical operation. Daily, the specialist ensures SIEM solutions are healthy, maintaining integrity and performing, and that capacity keeps up with demand.
You will report to the Information Security Vulnerability Management Team Leader.
- Work as part of a growing Vulnerability Management team in both an operational and project-based capacity
- Work with the other engineering teams to architect secure environments based on risk assessments
- Identify and make recommendations to address potential security and operational risks, develop contingency and mitigation plans
- Contribute to frequent interaction with all Information Security teams, Technology, Project, and Governance teams to build business and technology plans that instill cybersecurity policies
- Assist to ensure "Security by Design" philosophy across technology
- Be a lead engineer for SIEM design and related components
- Ensure the confidentiality, integrity and availability of logs
- Manage event and log collection, reporting and compliance requirements
- Develop SIEM dashboard tools required by technical teams
- Be an essential member and contact for incident response processes
- Maintain up-to-date level of knowledge related to security threats, vulnerabilities and mitigations set forth to reduce attack surface
- Tune the SIEM with threat intelligence sources (e.g., premium, industry-shared, open-source and dark web), and correlate event indicators and threats
- Support automation projects using playbooks, while also using human analysis
- Connect events to contextual security reports that security management and technical teams can easily comprehend
- Participate in threat hunting tabletop exercises to hone and strengthen skills across the team
- Contribute to security projects across the business to implement event and logging requirements
- 3+ years' cybersecurity experience (or IT coupled with cybersecurity) with at least 2 years in an engineering-based role supporting SOC and IR teams
- Basic knowledge of adversary tactics, techniques and procedures (TTPs) and MITRE ATT&ACK principles
- Experience translating complex technical concepts into business friendly language
- Use threat intelligence platforms and SOAR solutions to centralize and manage incidents and remediation workflow
- Review and assess event and incident logs and work with SOC and IR teams to assess security events related to malware, vulnerabilities, exploits and kill chain methodology
- Experienced with one or more scripting languages (e.g., Python, PowerShell, and Bash)
- Experience in Financial Services or other regulated industry with security as a top priority
- Project management experience
- Technical Skills:
- Deep skill set and understanding of the Microsoft stack
- PaaS experience including Azure and AWS
- Splunk, Logrythm and cloud SIEM technologies
- Network analysis knowledge
- OSI model knowledge
- U.S. candidates must be fully vaccinated as defined by the medical community against COVID-19 and provide proof of such vaccination by date of hire
Why Fisher Investments:
At Fisher Investments, we work for a bigger purpose: bettering the investment universe. From unmatched service to unique perspectives on investing, it's the people that make the Fisher purpose possible. And we invest in them by offering benefits like:
- 100% paid medical, dental and vision premiums for you and your qualifying dependents
- A 50% 401(k) match, up to the IRS maximum
- 20 days of PTO*, plus 9 paid holidays
- 8 weeks paid Primary Caregiver Parental Leave
- Back-up Child Care Program available, offering up to 10 days annually
- A cumulative learning and development framework customized for every employee
- An award-winning work environment - we're Great Place to Work Certified, and Top Workplace winners from The Oregonian
We take great pride in our inclusive culture. We value the different perspectives and unique skills you bring to the team – it makes us all better. Success at Fisher Investments is motivated by results, a collaborative mindset and a commitment to accomplishing great things – so if you are ready to do that, we are ready for you! Apply today to be a part of a team environment where you make a difference in the lives of people by bettering the investment universe.
*California employees accrue up to 17 days of PTO and 3 days of sick time per year.
FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER