BXTI - Cybersecurity, Senior Security Operations Engineer
Job Description
Firm Overview:
Blackstone is one of the world's leading investment firms. We seek to create positive economic impact and long-term value for our investors, the companies we invest in, and the communities in which we work. We do this by using extraordinary people and flexible capital to help companies solve problems. Our $619 billion in assets under management include investment vehicles focused on private equity, real estate, public debt and equity, life sciences, growth equity, opportunistic, non-investment grade credit, real assets and secondary funds, all on a global basis. Further information is available at www.blackstone.com. Follow Blackstone on Twitter @Blackstone.
Business Unit:
Blackstone Technology & Innovations
Business Description:
Blackstone Technology & Innovations (BXTI) is the technology team at the core of each of Blackstone's businesses and new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies.
BXTI is nimble and entrepreneurial - our open, agile design processes and rapid pace of development mean that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation. We believe in active mentoring and developing excellence. We collaborate to find the best answers for our customers and for Blackstone. We are critical to the firm maintaining its competitive edge.
Job Title:
Senior Security Operations Engineer
Job Description:
The Senior Security Operations Engineer will work as part of the Security Operations Center and is primarily responsible for designing, building, and maintaining the firm's security orchestration and automated response system. You will work closely with other security operations and engineering team members to develop automated response solutions utilizing third-party APIs, custom development, and scripting.
You will partner with security engineering to expand the observability of the core SIEM platform and onboard new, unique data sets to enhance detection capabilities. In collaboration with Purple Team, you'll be responsible for identifying key areas of risk to the firm to design unique, bespoke detections to further enhance the overall security posture.
Responsibilities:
- Create and maintain playbooks/documentation in support of ongoing tuning of the Security Orchestration and Automated Response tool
- Implement new detections and automated responses across the enterprise
- Manage data intake for a cloud-based SIEM / ensure all data sources are working effectively
- Configure, test, document and implement new or upgraded security processes, controls or products as directed
- Partner with cross-organizational teams to address alert and investigation deficiencies
- Advise on changes to area procedures and products
- Provide operational support, troubleshooting and maintenance of security-related processes, controls, or products
- Identify anomalies, malware, exploit attempts and other attacks using the Security Information and Event Management (SIEM) platform
- Represent the Blue Team on Purple Team engagements/efforts to design and build detections
Qualifications:
- Have 3+ years in a hands-on technical role utilizing SIEM and SOAR technologies
- Experience with cloud-native architectures such as AWS, Azure, Office 365 etc.
- Have hands-on experience with SIEM for detection and security orchestration and automated response (SOAR)
- Have experience with a wide range of current network security technologies such as firewalls, proxies, network and host-based intrusion prevention, DLP, vulnerability assessment tools, security information/event management, endpoint security, anti-virus/anti-malware, etc.
- Have development/scripting experience with Python and/or PowerShell
- Experience with multiple security event detection platforms (and the ability to orchestrate those to a centralized detection platform)
- Demonstrate an ability to enable creative solutions by stimulating ideas through discussion and collaboration
- Have strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
- Possess at least one active security certification: GCIH, GCIA, SPLUNK ECSA, ECIH or other similar certification
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, sexual orientation, national origin or any other category protected by law.
If you need a reasonable accommodation to complete your application, please contact Human Resources at 212-583-5000 (US), +44 (0)20 7451 4000 (EMEA) or +852 3656 8600 (APAC).
The Blackstone Group and its affiliates provide equal employment opportunity to all qualified employees and applicants for employment regardless of race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other classification prohibited by applicable law.
Date Posted
10/31/2022