Senior Systems Analyst

About Us

Wellington Management offers comprehensive investment management capabilities that span nearly all segments of the global capital markets. Our investment solutions, tailored to the unique return and risk objectives of institutional clients in more than 60 countries, draw on a robust body of proprietary research and a collaborative culture that encourages independent thought and healthy debate. As a private partnership, we believe our ownership structure fosters a long-term view that aligns our perspectives with those of our clients.

About the Role

Wellington Management is seeking a Senior Cybersecurity Analyst; someone with an investigative mindset who is passionate about finding and stopping cyber threats. This role requires someone who can bring their expertise and innovative solutions to our dedicated global team and who has the technical and interpersonal skills to both independently lead investigations and help design and implement improved controls and processes. In this fast-paced and constantly evolving cybersecurity landscape, you will play a crucial role in combatting past, present, and future threats while also working directly with our technology and business partners to build an increasingly cyber resilient workforce.

JOB OVERVIEW

Our Cyber Defense Team’s primary mission is to understand ‘the normal’ and to continuously seek out and investigate the abnormal. As a Cyber Defense Team Senior Analyst, you will work closely with our business and technology teams to qualify and respond to threats to understand and refine processes and controls. Your responsibilities will include but are not limited to being an escalation point and expert on cyber incidents of various types, threat hunting for TTPs prioritized by internal and external threat intelligence, owning team process improvements as well as mentorship, and staying on top of industry technology and cyber threat advancements. We are a passionate global team dedicated to helping keep our clients and our firm safe.

RESPONSIBILITIES

• Maintain a core competency in event analysis and serve as an escalation point for noteworthy investigations, deeper investigations, and those that require critical attention.
• Continue to build out new capabilities within the program aligned with our attack surface. Opportunities include detection enhancements, improved or new standard operating procedures, and working with internal teams to tune and operationalize new technologies.
• Focus on continuing to develop dashboards, direct alerting, risk-based alerting, reports, and other objects as needed in Splunk.
• Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings.
• Leveraging threat intelligence, experience, and other inputs to perform active threat hunting.
• Work alongside the Attack Surface Management Team to build response playbooks on emerging vulnerabilities.
• Interface with technical and non-technical users to conduct fact-finding interviews, gather forensic artifacts and understand business processes.
• Engage with other teams as appropriate, either as a result of incident response, to build platform specific alerting, or to advocate for improvements to configurations or technologies.
• Continue to develop and improve the Cyber Incident Response Plan and advocate for the program.
• Participate in on-call rotation for escalated security events.

QUALIFICATIONS

• Experience in having worked in a Security Operations, CSIRT, or similar role and able to demonstrate a passion in Cyber Security.
• Experience building out functions of a Cyber Defense Team such as an insider risk, threat intelligence, breach attack simulation, or similar programs.
• Strong understanding of the fundamentals such as packet, file, and log analysis.
• Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, data loss prevention, Endpoint Detection and Response (EDR), and SIEM (Splunk).
• Strong understanding of common communication protocols, networking fundamentals and the necessary tools to analyze network activity.
• Track record of mentorship and knowledge sharing to broader team members.
• Preferred: Relevant recognized credentials (CISSP, CEH, GCIH, OSCP, or similar).
• Preferred: Working knowledge of Amazon AWS services and secure configurations.
• Preferred: Experience working with Microsoft cloud technologies (Azure Active Directory, Office 365, Defender 365).

Not sure you meet 100% of our qualifications? That’s ok. If you believe that you could excel in this role, we encourage you to apply and welcome a chance to review your background. We are dedicated to building and maintaining a diversified workforce and considering a broad array of candidates with a variety of skill, workplace experiences, and backgrounds. As an equal opportunity employer, Wellington Management ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, sex, sexual orientation, gender identity, gender expression, religion, creed, national origin, age, ancestry, disability (physical or mental), medical condition, citizenship, marital status, pregnancy, veteran or military status, genetic information or any other characteristic protected by applicable law.

If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at GMWTalentOperations@wellington.com.