First Eagle is an independent, privately-owned investment management firm headquartered in New York with approximately $103 billion* in assets under management. Dedicated to providing prudent stewardship of client assets, the firm focuses on active, fundamental and benchmark-agnostic investing, with a strong emphasis on downside protection. Over a long history dating back to 1864, First Eagle has helped its clients avoid permanent impairment of capital and earn attractive returns through widely varied economic cycles, a tradition that is central to its mission today. The firm's investment capabilities include equity, fixed income, private credit, and multi-asset strategies.
* As of April 30, 2019
First Eagle is seeking a candidate for a CyberSecurity Analyst role. The successful candidate will participate in FEIM's cyber and information security risk assessment program. They will recommend and implement methods of safeguarding data, information systems, and technology infrastructure to ensure that organizational information security risks are identified and managed. The Analyst will play a critical role on FEIM's information security risk assessment team, which will perform information system risk assessments of FEIM's technology initiatives, business associates, and suppliers.
Strategy & Planning:
* Design, implement and administer the security solutions for FEIM infrastructure, systems and applications.
* Responsible for building and maintaining Information Security metrics, reports and dashboards, working with the CISO and other IT teams as required. These dashboards may include but are not limited to vulnerability management, phishing, and 3rd party risk and incident response metrics.
* Acts as customer-facing liaison and information security subject matter expert to help IT functional teams, internal project teams, business stakeholders, and external partners understand policies and control requirements.
* Works with the SIEM solution to improve log analysis and correlation, and builds dashboards to show alerting and security posture.
* Experience working with network, host, and user activity data, and identifying anomalies.
* Acts as point-person for investigations of security violations through endpoint and network forensics.
* Reviews computer security incident reports and anomalous network activity and ensures ongoing proactive measures to mitigate risks.
* Executes and improves the core functions of incident response including: threat detection and prevention, incident response, systems and network security monitoring, forensics and vulnerability management at enterprise scale.
* Reviews alerts and data from systems and responds appropriately, including documentation and escalation.
* Ensures the monitoring of intrusion detection and security information management systems to discover and mitigate any malicious activity detected on networks.
* Develops tactical response procedures for security incidents.
* Recommends and implements mitigating actions to contain incident-related activity.
* Extensive experience with Palo Alto security services, Fortinet Security Services, IPS, as well as other NGFW (Next Gen Firewall) features and capabilities.
* Performs hands-on technical vulnerability testing of the company's technology infrastructure, network, systems and applications.
* Install, configure and/or run various tools including SIEM, IDS/IPS, email protection, firewalls, anti-virus and anti-malware systems.
* Work with Privilege Access Management tools. Ability to install, configure and administer PAM tools.
* Perform firewall rules review.
* Responsible for the cyber security awareness training program for all employees.
* Attend threat intelligence calls and updates with the current Managed Security Service Provider. Assist in managing the relationship and services with our MSSP.
* Manage the vendor security assessment process, including vendor relations with our 3rd party provider responsible for conducting risk assessments, and liaise with internal and external business partners accordingly. Review 3rd party assessment reports and work with 3rd parties to identify security improvements or other mitigating controls and potentially incorporate them into contract terms. Prioritize, track and report on progress status, issues, and challenges.
* Assist in the design, support and management of effective security solutions, including firewalls, SIEM, anti-malware, threat feeds, vulnerability scanning and intrusion detection systems.
* Produce and maintain regular written and in-person communications regarding pertinent security activities.
* Produce and maintain procedures and policies pertaining to the information security program and its technologies.
* Actively work with department technical and business colleagues to ensure optimal security solutions for the business needs.
* Participates in required "on-call" rotations requiring night and weekend availability as scheduled, provide additional availability 24/7 when necessary.
* Undergraduate degree in computer science, engineering or related field and/or 2+ years working in a security operations center or information security related department.
* 2+ years' experience of using SIEM to build alerts and dashboards.
* CISSP or CISA preferred.
* Previous experience in the financial services industry is a plus.
Knowledge & Experience:
* Knowledge and experience with the Securities and Exchange Commission's recommendations for Cyber security programs.
* Knowledge and experience with IT audit frameworks like: COBIT, ITIL and NIST.
* Hardening applications and OSs including Windows and Linux.
* Have strong knowledge of Firewalls, DLP, IDS/IPS, anti-virus, URL filtering etc.
* Have strong hands-on experience with SIEM and vulnerability tools.
* Have strong hands-on experience with PAM tools.
* Strong understanding of TCP/IP, LAN, WAN and endpoint security technologies.
* Experience with DLP technologies.
* Experience with incident response tools.
* Experience with Web Application Firewall.
* Malware/Sandboxing/Advanced Threat Protection.
* Knowledge of IT security regulations and best practices.
* Security certifications preferred (e.g., SANS, ISC2, ISACA and EC-Council).
* Cloud security specific certification preferred (e.g., AWS, GCP, Cloud+).
* Knowledge of Riverbed Cascade and Gigamon solutions a plus.
* Proven analytical and problem-solving abilities.
* Ability to perform under stressful situations.
* Visio experience.
* Strong interpersonal, written, and oral communication skills.
* Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations.
* Able to conduct research into issues and products as required.
* Highly self-motivated and directed.
* Keen attention to detail.
* Strong customer service orientation.
* Experience working in a team-oriented, collaborative environment.
The duties and responsibilities described herein are not a comprehensive list. Additional tasks may be assigned to the employee and the scope of the job may change as necessitated by business demands.
First Eagle Investment Management, LLC (FEIM) is an Affirmative Action and Equal Opportunity Employer. Equal Employment Opportunity has been, and will continue to be, a fundamental principle at FEIM, where employment is based upon personal capabilities and qualifications without regard to race, color, religious belief, including dress and grooming practices, sex, sexual orientation, gender identity, gender expression, age, national origin, marital status, citizenship, disability, veteran status, pregnancy, breastfeeding or medical conditions related to breastfeeding, status as a victim of domestic violence, sexual assault, or stalking, or any other basis protected by applicable federal, state or local law, genetic information or characteristics (or those of a family member), or any other protected characteristic as established by law.