Posted:
7/25/2024, 5:00:00 PM
Location(s):
New York, United States ⋅ New York, New York, United States
Experience Level(s):
Mid Level ⋅ Senior
Field(s):
IT & Security
Workplace Type:
On-site
Reports to:
Head of Security Engineering
Bullish is seeking someone highly experienced in Security Operations and Incident Response to join the SOC team. The successful candidate will act as the local manager for SOC analysts within the US and will be the primary escalation point for the region with the responsibility of Incident Manager.
The successful candidate will be expected to take part in the on-call rota to periodically provide cover for addressing any high and critical events outside normal working hours.
This position reports to the Global Head of Security Operations based in Hong Kong.
This position is an on-site role; the successful candidate will work in our New York office.
Role & Responsibilities
Provide supervision to SOC Analysts based in the US.
Act as the primary escalation point for the region and perform the role of Incident Manager.
Manage day-to-day activities of the Bullish Security Operations Center (SOC), ensuring Service Level Objectives are met.
Monitor and respond to security incidents, perform containment and forensic investigations.
Coordinate with various teams across the organization for security incident response.
Identify gaps from incidents and recommend controls for improvement.
Develop and maintain incident playbooks and SOPs.
Develop detection use cases in SIEM.
Analyze security event data for proactive threat hunting.
Conduct research on the latest threats and vulnerabilities to improve incident response readiness and capabilities.
Organize or take part in Tabletop and Red/Purple team exercises to improve the organization's incident response readiness.
Update policies and procedures as needed to ensure compliance with regulatory requirements.
Experience & Qualifications
5+ years of verifiable experience in Security Operations and Incident Response.
Experience in performing the role of an Incident Manager.
Experience in performing analysis with SIEM technologies such as Splunk and / or Google Chronicle.
Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.
Understanding and working knowledge of security controls/tools such as host-based and network-based IDS/IPS, WAF, EDR, etc.
Understanding of networking protocols, operating systems and cyber security concepts and technologies.
CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User or similar certifications are highly advantageous.
Other security certifications from recognized bodies are a plus.
Experience with forensic tools and malware analysis is a plus.
Experience with Cloud environments such as AWS and GCP is a plus.
Ability to work across different regions in a process/procedure driven organization.
BS/BA degree in Cyber Security/Computer Science or equivalent combination of related work experience desired.
Excellent verbal and written presentation skills with a proficiency
Annual Base Salary
US$157,120 to US$214,281
Bullish is proud to be an equal opportunity employer. We are fast evolving and striving towards being a globally-diverse community. With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they are encouraged to bring to work every day.
Website: https://bullish.com/
Headquarter Location: San Francisco, California, United States
Employee Count: 251-500
Year Founded: 2018
IPO Status: Private
Last Funding Type: Seed
Industries: Financial Services ⋅ Information Technology