Vice President, Cyber Operations Engineer

Join BlackRock's global team of cyber security experts as a Vice President, Cyber Operations Engineer. This role involves protecting the business, developing cyber defense capabilities, and investigating security incidents. The analyst will support global Cyber Operations, act as an escalation point for regional incidents, perform daily reviews of alerts, and collaborate with technical teams to mitigate threats. Key responsibilities include incident response, threat hunting, forensics assistance, and developing SIEM logic, contributing to BlackRock's mission of financial well-being.

Must Have

• Act as an escalation point for regional information security incidents and support the response.
• Perform daily review of reports and alerts to identify Information Security events for further investigation.
• Act as a mentor for more junior team members.
• Perform investigation and escalation for complex or high severity security threats or incidents.
• Ensure that all identified events are promptly validated and thoroughly investigated.
• Collaborate with technical teams to identify, resolve, and mitigate events.
• Provide advice and guidance on the response action plans for information risk events and incidents.
• Assist with containment of threats and remediation of environment during or after an incident.
• Regularly develop new and interesting use cases for future SIEM logic.
• Participate in cyber threat hunts in support of the global cyber operations function.
• Assist with forensics investigations.
• Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures.
• Keep abreast of cyber security trends and the emerging threat landscape.
• Deliver timely and detailed documentation related to any incident.
• 4+ years of experience in security operations center, or similar security technical and operational role.
• University Degree.
• Intermediate knowledge in system security architecture and security solutions.
• Intermediate knowledge of networking fundamentals.
• Intermediate knowledge of malware operation and indicators.
• Intermediate knowledge of current threat landscape.
• Intermediate knowledge of security related technologies and their functions.
• Intermediate knowledge of Windows and Unix or Linux.
• Intermediate knowledge of Firewall and Proxy technology.
• Intermediate knowledge of penetration techniques.
• Advanced event analysis leveraging SIEM tools.
• Advanced incident investigation and response skill set.
• Advanced log parsing and analysis skill set.
• Strong oral and written communication skills.
• Attention to detail.
• Strong organizational skills.
• Experience with scripting.
• Knowledge of forensic techniques.

Good to Have

• MBA, CISSP, CISM, GCHI, CEH, CCNA, or GIAC certifications are preferred.
• Advanced knowledge of ServiceNow a plus.

Perks & Benefits

• Strong retirement plan
• Tuition reimbursement
• Comprehensive healthcare
• Support for working parents
• Flexible Time Off (FTO)

About this role

Overview

Join our global team of cyber security experts, protecting our business and developing exciting capabilities on the frontline of cyber defense. Apply your passion and knowledge of cyber security to assist in the investigation of incidents. The Cyber Operations Analyst needs to demonstrate thoughtful knowledge of the evolving cyber threat landscape, BlackRock’s risks, controls and security thresholds and recognize the expertise and importance of differentiated roles within the SOC. More specifically, the Analyst will support the global Cyber Operations function and have following key responsibilities:

• Acts as an escalation point for regional information security incidents and support the response to incidents impacting the region and/or occurring during regional business hours.
• Performs daily review of reports and alerts to identify Information Security events for further investigation while escalating exceptional events as necessary.
• Act as a mentor for more junior team members.
• Performs investigation and escalation for complex or high severity security threats or incidents.
• Ensures that all identified events are promptly validated and thoroughly investigated.
• Collaborates with technical teams to identify, resolve, and mitigate events.
• Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
• Assists with containment of threats and remediation of environment during or after an incident.
• Regularly develop new and interesting use cases for future SIEM logic.
• Participate in cyber threat hunts in support of the global cyber operations function.
• Assist with forensics investigations.
• Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures.
• Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to BlackRock.
• Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities.

BlackRock is committed to building great Cyber Security careers for our people, and we are looking for an individual with a passion for cyber security defense to continue the growth of our exceptional team.

What the ideal candidate looks like:

• 4+ years of experience in security operations center, or similar security technical and operational role is preferred.
• University Degree. MBA, CISSP, CISM, GCHI, CEH, CCNA, or GIAC are preferred.
• Action-oriented attitude and willingness to roll up sleeves.
• Intermediate knowledge in system security architecture and security solutions – IDS, Splunk, data loss prevention, next generation anti-malware, etc.
• Intermediate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.).
• Intermediate knowledge of malware operation and indicators.
• Intermediate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.).
• Intermediate knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM, DLP, Proxy, next gen anti-malware etc.).
• Intermediate knowledge of Windows and Unix or Linux.
• Intermediate knowledge of Firewall and Proxy technology.
• Intermediate knowledge of malware operation and indicators.
• Intermediate knowledge of penetration techniques.
• Advanced event analysis leveraging SIEM tools.
• Advanced incident investigation and response skill set.
• Advanced log parsing and analysis skill set.
• Advanced knowledge of ServiceNow a plus.
• Strong oral and written communication skills.
• Attention to detail.
• Strong organizational skills.
• Experience with scripting.
• Knowledge of forensic techniques.
• Integrity and the highest ethical standards.
• Rapidly assimilates complex data and information and displays a developed learning agility.
• Self-starter with the personal drive to achieve superior performance.
• Courage of convictions and the ability to respectfully debate the status quo.
• Natural curiosity and desire to always learn.