At a Glance
- Tasks: Join us to simulate cyber-attacks and enhance our security capabilities.
- Company: TP ICAP, a global leader in market infrastructure and data solutions.
- Benefits: Competitive salary, hybrid work model, and opportunities for professional growth.
- Other info: Inclusive culture that values diverse perspectives and continuous improvement.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
- Qualifications: Experience in offensive security and knowledge of modern attacker techniques.
The predicted salary is between £60,000 and £75,000 per year.
The TP ICAP Group is a world leading provider of market infrastructure. Our purpose is to provide clients with access to global financial and commodities markets, improving price discovery, liquidity, and distribution of data, through responsible and innovative solutions. Through our people and technology, we connect clients to superior liquidity and data solutions. The Group operates from more than 60 offices in 27 countries. We are 5,300 people strong. We work as one to achieve our vision of being the world's most trusted, innovative, liquidity and data solutions specialist.
Role Overview: TP ICAP are seeking an experienced Red/Purple team operator to assist the Adversary Emulation Manager with elevating TP ICAP's prevention and detection capability.
Role Responsibilities:
- Define and execute purple team sprints that materially and demonstrably improve TP ICAP's ability to prevent and detect modern attacks.
- Simulate both established and emerging attacker TTPs and personally build the respective detection rules and response procedures.
- Through the delivery of purple team sprints, identify opportunities to reduce TP ICAP's attack surface using preventative controls.
- Work in tandem with the SOC to:
  - Tune existing rules and increase alert fidelity/decrease alert fatigue
  - Include analysts on the purple team journey, aiding in staff retention
  - Train analysts in modern attacker TTPs and the 'attacker mindset'
- Work with the Security Engineering team as necessary to support the deployment and tuning of security-related tooling, particularly tooling that pertains to prevention and detection.
- Develop processes for attack surface monitoring and constant validation through automation.
- Act as an escalation point for the SOC and assist with incident response.
- Feed into prioritisation of sprint focus areas.
Experience/Competencies:
- Practical experience emulating sophisticated cyber-attacks, likely in a Purple or Red Team capacity.
- Active contributor to offensive security research and/or tooling, perhaps presenting this research at industry-recognised conferences and forums.
- Able to evade defensive controls such as EDR and AV, tailoring open-source tooling and rolling your own where required.
- Experience working closely with the SOC to build detection capability.
- Strong knowledge of offensive security and modern attacker TTPs.
- Familiarity with MITRE ATT&CK.
- Development/automation experience.
- Familiarity with AWS is preferred.
Company Statement: We know that the best innovation happens when diverse people with different perspectives and skills work together in an inclusive atmosphere. That's why we're building a culture where everyone plays a part in making people feel welcome, ready and willing to contribute.
Location: UK - 135 Bishopsgate - London
TP ICAP connects people, platforms, ideas, and insight across the world's financial, energy and commodities markets. As a global leader in market infrastructure and data-led solutions, we enhance market access, increase efficiencies, and unlock possibilities.
Joining TP ICAP puts you at the heart of markets that matter. You'll have the freedom to innovate and act on your initiative. We'll train you and build your abilities in your specialist area, so that you can become an expert in your field.
Adversary Emulation Analyst in London employer: TP ICAP Group
TP ICAP is an exceptional employer, offering a dynamic work environment in the heart of London where innovation thrives. With a strong commitment to employee development, you will have access to training and growth opportunities that empower you to become an expert in your field. Our inclusive culture fosters collaboration and creativity, ensuring that every team member feels valued and engaged as we work together to shape the future of market infrastructure.
StudySmarter Expert Advice🤫
We think this is how you could land Adversary Emulation Analyst in London
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even just grab a coffee with someone who works at TP ICAP. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your skills! If you’ve got experience with offensive security or have worked on cool projects, don’t be shy about sharing them. Create a portfolio or a blog to showcase your work and insights. This can really set you apart from the crowd.
✨Tip Number 3
Prepare for the interview like it’s the big game! Research TP ICAP, understand their mission, and think about how your skills can help them improve their prevention and detection capabilities. Be ready to discuss your experience with modern attacker TTPs and how you can contribute.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining the TP ICAP team. Don’t miss out on this opportunity!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Adversary Emulation Analyst role. Highlight any relevant projects or experiences that showcase your ability to emulate cyber-attacks and work with SOC teams.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about offensive security and how your background makes you a perfect fit for TP ICAP. Don’t forget to mention any specific tools or methodologies you’re familiar with.
Showcase Your Technical Skills: In your application, be sure to highlight your technical expertise, especially in areas like MITRE ATT&CK, AWS, and automation. We want to see how you can contribute to our purple team sprints and improve our detection capabilities.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands and shows us you’re serious about joining our team at TP ICAP!
How to prepare for a job interview at TP ICAP Group
✨Know Your TTPs
Make sure you’re well-versed in the latest tactics, techniques, and procedures (TTPs) used by modern attackers. Brush up on the MITRE ATT&CK framework and be ready to discuss how you’ve applied this knowledge in previous roles.
✨Showcase Your Experience
Prepare to share specific examples of your experience in emulating cyber-attacks. Highlight any contributions to offensive security research or tooling, and if you've presented at conferences, mention that too. This will demonstrate your expertise and passion for the field.
✨Collaborate with the SOC
Be ready to discuss how you’ve worked closely with Security Operations Centres (SOCs) in the past. Talk about how you’ve helped build detection capabilities and tuned existing rules to improve alert fidelity. This shows you understand the importance of teamwork in cybersecurity.
✨Demonstrate Your Problem-Solving Skills
Think of scenarios where you had to evade defensive controls or develop automation processes. Be prepared to explain your thought process and the steps you took to overcome challenges. This will highlight your analytical skills and ability to think like an attacker.