Senior Security Analyst

undefined ago • 8 Years + • Cyber Security

Job Summary

Job Description

Envestnet is seeking a highly skilled Senior Security Analyst for its Cyber Defense Team, reporting to the Director of Security Operations. This pivotal role involves safeguarding organizational assets by leading incident response, conducting security triage and analysis, vulnerability assessment, threat hunting, and security response automation. The analyst will continuously enhance the security framework and contribute to SOC processes. The ideal candidate will have extensive cybersecurity experience, strong analytical skills, and proven ability to manage complex security incidents, fortifying Envestnet's security posture.
Must have:
  • Lead and manage all stages of the incident response lifecycle.
  • Prepare comprehensive incident reports and communicate findings.
  • Perform in-depth analysis of security events, alerts, and logs.
  • Update and implement incident response playbooks and procedures.
  • Streamline and automate detection and prevention processes.
  • Contribute to the development and fine-tuning of the EDR platform.
  • Automate incident triage and response tasks using SOAR.
  • Ensure alignment of security operations with MITRE ATT&CK and NIST CSF.
  • Manage relationship with MDR vendor, tracking performance against SLAs and KPIs.
  • Conduct regular reviews of reports, incident trends, and feedback.
  • Conduct vulnerability assessments and gap analyses.
  • Collaborate with workload owners and cross-functional teams for remediation.
  • Engage in proactive threat and vulnerability searches.
  • Collaborate with offensive security team on Breach and Attack Simulation exercises.
  • Automate repetitive searches, monitor threat actor tactics, and manage simulated cyber-attacks.
  • Participate in evaluation, selection, and implementation of new security technologies.
  • Assist in writing best practice procedures for security services.
  • Implement end-point security using EDR, EPM, and AV tools.
  • Adhere to Envestnet legal, compliance, risk, business continuity, and administrative policy.
  • Understand and support Envestnet's corporate business practices, policies, and internal controls.
Good to have:
  • Relevant industry certifications in Incident Response and Forensics (GIAC (GCIH, GCFA, GCFE), CISSP, or CEH)
  • Familiarity with cloud security (AWS, Azure, GCP)
Perks:
  • Competitive Compensation/Total Reward Packages
  • Health Benefits (Health/Dental/Vision)
  • Paid Time Off (PTO) & Volunteer Time Off (VTO)
  • 401K – Company Match
  • Annual Bonus Incentives
  • Parental Stipend
  • Tuition Reimbursement
  • Student Debt Program
  • Charitable Match
  • Wellness Program

Job Details

Description

Envestnet is transforming the way financial advice is delivered through its connected technology, advanced insights, and asset management solutions – backed by industry-leading service and support. Since 1999, Envestnet has served the wealth management industry and today supports trillions in platform assets, serving over a hundred thousand financial advisors. The vast majority of the nation’s leading banks, the largest wealth management and brokerage firms, and over 500 of the largest RIAs rely on Envestnet’s wealth management platform and solutions to drive business growth, boost productivity, and deliver better financial outcomes for their clients.

Envestnet’s Strategy:

  • Deliver the industry-leading wealth management platform, powered by advanced data and insights
  • Leverage our scale and efficiencies to serve our clients’ needs comprehensively
  • Enable financial advisors to deliver more holistic advice – reflecting a more complete view of their clients’ financial lives, and in a more connected environment

For more information, please visit www.envestnet.com.

Job Summary:

We are seeking a highly skilled and experienced Senior Security Analyst to join Envestnet's Cyber Defense Team. This role will report into the Director of Security Operations. In this pivotal role, you will be entrusted with safeguarding our organization's assets through leading incident response, conducting thorough security triage and analysis, Vulnerability assessment, Threat Hunting, Security response Automation and continuously enhancing our overall security framework. As a vital member of our team, you will contribute significantly to the development and maintenance of our Security Operations Center (SOC) processes and procedures.

The ideal candidate will possess extensive experience in cybersecurity, exceptional analytical skills, and a demonstrated ability to effectively manage and resolve intricate security incidents. This position is fundamental to our mission of fortifying our security posture and ensuring the protection of our critical assets.

Job Responsibilities:

  • Lead and manage all stages of the incident response lifecycle, which includes detection, analysis, containment, eradication, recovery, and post-incident review. Prepare comprehensive incident reports and effectively communicate findings to both technical and non-technical stakeholders.
  • Perform in-depth analysis of security events, alerts, and logs from various tools such as SIEM, EDR, IDS/IPS, and firewalls to identify and investigate potential threats. Update and implement incident response playbooks and procedures to ensure the efficient and effective handling of security incidents. Streamline and automate detection and prevention processes to enable rapid response, consistent triage, and swift root cause analysis and recovery.
  • Contribute to the development and fine-tuning of the EDR platform, automating incident triage and response tasks using SOAR to create state-of-the-art detection capabilities. Ensure alignment of security operations and detection platforms with industry-standard frameworks such as MITRE ATT&CK and NIST CSF.
  • Manage the relationship with the MDR vendor, tracking performance against SLAs and key performance indicators (KPIs). Conduct regular reviews of reports, incident trends, and feedback from internal teams.
  • Conduct vulnerability assessments and gap analyses to determine security weaknesses in systems, applications, and networks. Collaborate with workload owners and cross-functional teams to coordinate remediation activities.
  • Engage in proactive threat and vulnerability searches, leveraging threat intelligence and Envestnet's network knowledge. Collaborate with the offensive security team on Breach and Attack Simulation (BAS) platform exercises. Automate repetitive searches using various tools, monitor threat actor tactics, and manage simulated cyber-attacks based on prioritized threats.
  • Participate in the evaluation, selection, and implementation of new security technologies and solutions.
  • Assist in writing best practice procedures for services such as incident analysis, incident response coordination, security audits or assessments, certificate authority, log analysis and diagnostics, and host vulnerability scanning. Implement end-point security using EDR, EPM, and AV tools.
  • Adherence to and application of Envestnet legal, compliance, risk, business continuity and administrative policy within the role and department(s) including the timely completion of training & awareness, affirmations and testing as requested.
  • As part of the responsibilities for this role, you will understand and readily support Envestnet's established corporate business practices, policies, internal controls and procedures designed to create value or minimize risk

Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in Berwyn, Pennsylvania, United States

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Cyber Security Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Berwyn, Pennsylvania, United States (Hybrid)

Berwyn, Pennsylvania, United States (Hybrid)

Berwyn, Pennsylvania, United States (Remote)

Thiruvananthapuram, Kerala, India (On-Site)

Thiruvananthapuram, Kerala, India (On-Site)

Denver, Colorado, United States (On-Site)

Boston, Massachusetts, United States (Hybrid)

Berwyn, Pennsylvania, United States (Hybrid)

Raleigh, North Carolina, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Yodlee

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug