Sr. Information Security Analyst
Job Description
Job Description Summary
The Senior Information Security Analyst will act as both a senior analyst and a non-managerial leader within the Information Security Analyst team, providing guidance and training to other information security analysts, and collaborating with other corporate business units including but not limited to global enterprise technology, corporate compliance, security assurance, global security operations, and other infrastructure risk business units. This position is part of a team that provides information security analysis services, incident response services, and ultimately information risk management support to the business. Specifically, this team acts as an incident response team and control group to ensure that security operational procedures are performed, and risks are addressed in a timely manner.
Describe the applications and business or enterprise functions the role supports:
Senior Information Security Analysts act as an information security subject matter expert ("SME"), as well as a SME on the various applications and tools the group utilizes such as Microsoft Defender for Endpoint/Identity/Office, Splunk, VMRay, and security incident tracking applications.
The key job responsibilities include, but are not limited to:
- Monitor alerts, detections or other indicators of compromise/attack from a variety of information security solutions;
- Perform threat hunting by actively seeking out anomalies and Indicators of Compromise and/or verifying their presence in AB's Information Technology Environment;
- Perform Incident Response activities based on automated alerts, malware assessment, IOC discovery and other threat hunting activities;
- Investigate, contain, eradicate, and/or escalate security detections as appropriate;
- Document and generate reports of detections and response actions for review by management and other stakeholders;
- Assist in the discovery, analysis, and remediation of vulnerabilities;
- Monitor security platforms' health for errors, misconfigurations or performance alerts;
- Leverage the SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats and indicators of compromise, and to assist in investigations;
- Support fellow team members, end-users, and other stakeholders' requests related to information security services;
- Perform control testing and other risk management activities;
- Provide information in response to assessments and audits;
- Provide oversight of managed third-party security services;
- Maintain an understanding of the systems, solutions, and technologies deployed in AllianceBernstein's IT infrastructure;
- Serve as a resource to the organization in the realm of information security by maintaining a dedication to continuous learning and growth.
What makes this role unique or interesting (if applicable)?
This is best suited for someone who is analytical with foundational knowledge and experience in information security, who shows pride in their development of process, analysis of data, and delivery of quality outcomes. We are a small yet diverse team, focused on quality outcomes, open teamwork, and efficiency.
What is the professional development value of this role, i.e., what learning and professional growth does the role offer the candidate?
Our people are our advantage; this role will provide the successful candidate future growth opportunities within the IRM department and the broader GTO organization as their business acumen, tech skills and experience develop within AB's technology and operations areas. Each member of the team is expected to be both an apprentice, learning from those who have more professional experience or a longer tenure with AB, and a trainer to those on the team who do not yet have the experience of a seasoned analyst.
Job Qualifications (The ideal candidate should have the following):
- Experience securing and/or troubleshooting computer systems and networks.
- Experience with Malware Assessment and Incident Response.
- Experience with SIEM platforms; Splunk and MS Defender experience preferred.
- Experience reviewing logs, scripting tasks or creating structured queries/regex searches
- Awareness of Information Security best practices and financial regulatory requirements
- Leadership experience a plus.
- Excellent problem-solving and decision-making skills
- Excellent verbal and written communication skills; ability to communicate clearly to several levels of management while catering communication style to a wide range of technical, clinical, and cultural backgrounds across various business units
- Ability to represent data in meaningful graphical form
- Able to think and operate independently with limited guidance
Qualifications, Experience, Education:
- Minimum of 5 years' experience in Information Security
- At least 3 years' prior experience in a role with responsibility for information security incident response; this is not an entry level position.
- Either:
  - Bachelor's degree in Computer Science, IS or Information Security; or
  - CISSP, OSCP, CRISC, GCIH, GCFA, GFCE, GSE and/or similar certification
- Excellent program/project management, prioritization, and organizational skills
- Acute attention to detail.
Skills:
- Experience with Splunk Processing Language [SPL] and Kusto Query Language [KQL]
- Experience working with JIRA, ServiceNow or similar platforms
- Experience working with and managing Varonis DatAdvantage or similar platforms
- Experience creating, collecting, and assembling metrics for reporting
- Experience with incident response
- Experience working with on-prem and Cloud technology platforms and applications
Special Knowledge
- Experience with global security and privacy standards and regulations such as ISO 27001, NIST CSF, GDPR or CCPA
About AB
We are a leading global investment management firm offering high-quality research and diversified investment services to institutional clients, retail investors, and private-wealth clients in major markets around the globe. With over 4,000 employees across 57 locations operating in 26 countries and jurisdictions, our ambition is simple: to be the most trusted investment firm in the world. We realize that it's our people who give us a competitive advantage and drive success in the market, and our goal is to create an inclusive culture that rewards hard work.
Our culture of intellectual curiosity and collaboration creates an environment where you can thrive and do your best work. Whether you're producing thought-provoking research, identifying compelling investment opportunities, infusing new technologies into our business or providing thoughtful advice to our clients, we are fully invested in you. If you're ready to challenge your limits and empower your career, join us!
People of color, women, and those who identify as LGBTQ people are encouraged to apply. AB does not discriminate against any employee or applicant for employment on the basis of race, color, religion, creed, ancestry, national origin, sex, age, disability, marital status, citizenship status, sexual orientation, gender identity, military or veteran status or any other basis that is prohibited by applicable law. AB's policies, as well as practices, seek to ensure that employment opportunities are available to all employees and applicants, based solely on job-related criteria.
Nashville, Tennessee
Date Posted
04/09/2023