Security Analyst - Incident Response
Job Description
- Experience with SIEM (Splunk/QRadar)
- Experience with EDR platforms (CrowdStrike/Carbon Black)
- Experience with Incident ticketing systems (ServiceNow/JIRA)
- Experience with Windows/Linux log analysis
- Experience with Network traffic analysis
- Experience with Malware detection tools
- Experience with IOC collection and analysis
- Experience with Basic forensic tools
- L1/L2 alert analysis background
- Experience with incident playbooks
- Exposure to MITRE ATT&CK framework
- Understanding of kill chain methodology
- Basic threat intelligence usage
Company Overview
Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.
IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.
Barron's has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.
Position Overview:
Seeking a Security Analyst to join our Security Operations Center (SOC), focusing on incident response and threat detection. This role involves working with enterprise SIEM platforms, EDR solutions, and incident management tools to protect IBKR's global trading infrastructure.
Key Responsibilities:
- Triage and investigate security alerts using SIEM/EDR tools
- Execute incident response playbooks
- Perform malware analysis and IOC identification
- Create incident tickets and maintain documentation
- Conduct initial forensic data collection
- Support security event correlation and analysis
- Monitor suspicious endpoint activities
- Participate in 24x7 incident response coverage
Required Technical Skills:
- Experience with SIEM (Splunk/QRadar)
- EDR platforms (CrowdStrike/Carbon Black)
- Incident ticketing systems (ServiceNow/JIRA)
- Windows/Linux log analysis
- Network traffic analysis
- Malware detection tools
- IOC collection and analysis
- Basic forensic tools
Required Experience:
- 2-3 years SOC/IR experience
- L1/L2 alert analysis background
- Experience with incident playbooks
- Exposure to MITRE ATT&CK framework
- Understanding of kill chain methodology
- Basic threat intelligence usage
Technical Environment:
- SIEM platforms
- EDR solutions
- TIP platforms
- Forensic tools
- Network monitoring tools
- Vulnerability scanners
- Incident management systems
Work Requirements:
- Rotating shifts (24x7 SOC)
- Incident response handling
- Alert triage and escalation
- Documentation and reporting
- Team collaboration
Growth Path:
- Advanced IR certification support
- Threat hunting training
- Digital forensics exposure
- Technical skill development
- Senior analyst progression
Company Benefits & Perks:
- Competitive salary package.
- Performance-based annual bonus (cash and stocks).
- Hybrid working model (3 days office/week).
- Group Medical & Life Insurance.
- Modern offices with free amenities & fully stocked cafeterias.
- Monthly food card & company-paid snacks.
- Hardship/shift allowance with company-provided pickup & drop facility*
- Attractive employee referral bonus.
- Frequent company-sponsored team-building events and outings.
* Depending upon the shifts.
**The benefits package is subject to change at the management's discretion.
