[Hiring] Security Content Engineer-2 @State Street

Role Description

State Street seeks to recruit a Security Content Engineer that will create, test, enhance, and document threat detection capabilities to determine the presence of certain cyber activity. Join us in evolving our threat management capabilities to shape a pro-active intelligence driven fusion model to protect State Street, its customers and partners from the ever evolving and sophisticated global threat actors. Remote work options will be considered for the highly skilled candidates.

As Security Content Engineer you will:

• Develop and implement new detection content for both cloud-based and on-prem systems while ensuring a high level of fidelity.
• Determine the best method for achieving detection content objectives to ensure efficiency and avoid duplication.
• Triage, prioritize, and take appropriate action to address requests for detection content corrections and/or enhancements.
• Test and tune threat detection use cases within the Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR) and/or other security platforms.
• Monitor and maintain SIEM look up tables and various other tables from becoming stale and dated.
• Monitor established content metrics, identify opportunities to increase efficiency, fidelity, and/or possible retirement.
• Validate and document content requirements, search criteria, test cases, and other development lifecycle aspects through use of appropriate documentation libraries and development tracking tools.
• Document and maintain assets, scripts and processes to test SIEM/EDR rules for reuse.
• Partner with other Fusion Center teams to align detection strategy with threat model and MITRE ATT&CK framework.
• Partner with purple team, various security, risk, IT and business professionals to validate and document threat detection goals.
• Provide guidance in alert creation among various security controls such as EDR, IDS, Cloud, email gateways, etc. Analyze, influence, and recommend.
• Collaborate with various teams to learn, document, and maintain a library of various IT processes, naming conventions, assets, configurations, and other considerations that can be leveraged to improve security capabilities across the organization.

Qualifications

• An agile development lifecycle and methodology.
• Articulate and thorough documentation and lifecycle.
• Methodical approach to test, tune and validate threat detection alerts/reports.
• Knowledge of adversarial tactics, techniques, and procedures - ability to create detective controls.
• Knowledge of cyber threat intelligence.
• Knowledge of IT architecture and operations (computing, network, storage & cloud).
• Knowledge of security control technologies.

Requirements

• BS in Cyber Security, Information Technology, Computer Science or relevant experience.
• +6 years in a cyber security skill role – SIEM/EDR Content Engineer, Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration testing, etc.
• Financial Services experience a plus.
• Software development and/or scripting experience a plus: RegEx, PERL, Python, Powershell, etc.
• Technical security certifications a plus – GMON, GCDA, GCIH, etc.

Benefits

• Retirement savings plan (401K) with company match.
• Insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages.
• Paid-time off including vacation, sick leave, short term disability, and family care responsibilities.
• Access to our Employee Assistance Program.
• Incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans).
• Eligibility for certain tax advantaged savings plans.

Company Description

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.