Security Operations Center Analyst

Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Operations Engineer with background and knowledge of Linux systems and Cloud infrastructure. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program and will play a critical role in detecting, responding to, and mitigating security threats across enterprise environment.

Responsibilities will include:

• Monitor, analyze, and respond to security events and incidents using SIEM and other security tools.
• Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency.
• Perform threat hunting and forensic investigations across IT environment.
• Collaborate with infrastructure and application teams to ensure secure configurations and compliance.
• Maintain and improve endpoint protection, intrusion detection/prevention systems.
• Document incident response procedures and contribute to post-incident reviews.
• Create network diagrams and as-built documents.
• Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses.
• Stay current with emerging threats, vulnerabilities, and security technologies.

Qualifications and Skills:

Education

• Bachelor's Degree in MIS, CIS, Cybersecurity or similar.
• At least five years of Security Operations.
• At least three years of Linux Administration.
• At least two years of Cloud (AWS or Azure) Administration.

Must-Have Skills

• Linux and Windows OS.
• DNS.
• Certificate Management: Digicert, AppViewX.
• Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc.
• Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc.
• Microsoft O365 products (Excel, PowerPoint, etc.).
• SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel).
• Configure and troubleshoot EDR/ Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS.
• Azure Security Center and Office365 Compliance Portal.
• AWS and Azure (IAM, IaaS, PaaS).
• Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers.
• Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols.
• Understanding of network packet analysis using tools such as Wireshark and TCPDump.
• Collaboration and communication skills across multiple teams and businesses.

Good-to-Have Skills

• Relevant certifications such as AWS Security Specialty, CISA, CISM, GIAC, Security+, or CISSP.
• Palo Alto Firewall, F5 LTM/GTM.
• Palo Alto Cortex suite of tools.
• Network technologies: switching, routing, wireless.
• PowerShell and Python Scripting.
• Power BI and Power Automate.
• Integrating security systems via API, etc.