Sr. Information Security Analyst

Who We Are:

As a leading global investment management firm, AB fosters diverse perspectives and embraces innovation to help our clients navigate the uncertainty of capital markets. Through high-quality research and diversified investment services, we serve institutions, individuals, and private wealth clients in major markets worldwide. Our ambition is simple: to be our clients' most valued asset-management partner.

With over 4,400 employees across 51 locations in 25 countries, our people are our advantage. We foster a culture of intellectual curiosity and collaboration to create an environment where everyone can thrive and do their best work. Whether you're producing thought-provoking research, identifying compelling investment opportunities, infusing new technologies into our business, or providing thoughtful advice to clients, we're looking for unique voices to help lead us forward. If you're ready to challenge your limits and build your future, join us.

Who You'll Work For:

The Information Security Analyst team is responsible for safeguarding AllianceBernstein's technology and information assets. The team's primary focus is on identifying threats, monitoring, and responding to security events and enhancing the firm's security posture. The Information Security Analyst team operates as part of Infrastructure Risk Management (IRM), a department within Global Technology and Operations that is responsible for an enterprise-wide integrated infrastructure risk management program which employs a holistic approach to manage cybersecurity, information security, data privacy, physical security and business continuity led by the Chief Security Officer.

What You'll Do:

We are seeking a Nashville-based Senior Information Security Analyst to join our information security analyst team. This individual will act as part of the team responsible for "front line defense" by performing threat hunting services and ensuring that security alerts are reviewed, remediated, or escalated with appropriate urgency and all response actions are documented accurately. This is a fundamental practical role in protecting the information assets of the organization by effectively identifying and responding to potential indicators of compromise or attack.

The Senior Information Security Analyst will act as both a senior analyst and a non-managerial leader within the Information Security Analyst team, providing guidance and training to other information security analysts, and collaboration with other corporate business units including but not limited to global enterprise technology, corporate compliance, security assurance, global security operations, and other infrastructure risk business units. This position is part of a team that provides information security analysis services, incident response services, and ultimately information risk management support to the business. Specifically, this team acts as an incident response team and control group to ensure that security operational procedures are performed, and risks are addressed in a timely manner.

Describe the applications and business or enterprise functions the role supports:

Senior Information Security Analysts act as an information security subject matter expert ("SME"), as well as a SME on the various applications and tools the group utilizes such as Microsoft Defender for Endpoint/Identity/Office, Splunk, VMRay, and security incident tracking applications.

The key job responsibilities include, but are not limited to:

• Monitor alerts, detections or other indicators of compromise/attack from a variety of information security solutions;

• Performing threat hunting by actively seeking out anomalies and Indicators of Compromise and/or verifying their presence in the AB's Information Technology Environment;

• Performing Incident Response activities based on automated alerts, malware assessment, IOC discovery and other threat hunting activities;

• Investigate, contain, eradicate, and/or escalate security detections as appropriate;

• Document and generate reports of detections and response actions for review by management and other stakeholders;

• Assist in the discovery, analysis, and remediation of vulnerabilities;

• Monitor security platforms' health for errors, misconfigurations or performance alerts;

• Leverage SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats, indicators of compromise, and assist in investigations;

• Support fellow team members, end-users, and other stakeholders' requests related to information security services;

• Perform control testing and other risk management activities;

• Provide information in response to assessments and audits;

• Provide oversight of managed third-party security services;

• Maintain an understanding of the systems, solutions, and technologies deployed in AllianceBernstein's IT infrastructure;

• Serve as a resource to the organization in the realm of information security by maintaining a dedication to continuous learning and growth.

What makes this role unique or interesting (if applicable)?

This is best suited for someone who is analytical with foundational knowledge and experience in information security, who shows pride in their development of process, analysis of data, and delivery of quality outcomes. We are a small yet diverse team, focused on quality outcomes, open teamwork, and efficiency.

What is the professional development value of this role, i.e., what learning and professional growth does the role offer the candidate?

Our people are our advantage; this role will provide the successful candidate future growth opportunities within IRM department and the broader GTO organization as their business acumen, tech skills and experience develop within AB's technology and operations areas. Each member of the team is expected to be both an apprentice, learning from those who have more professional experience or a longer tenure with AB, and a trainer to those on the team who do not yet have the experience of a seasoned analyst.

What We're Looking For:

• Experience securing and/or troubleshooting computer systems and networks.

• Experience with Malware Assessment and Incident Response.

• Experience with SIEM platforms; Splunk and MS Defender experience preferred.

• Experience reviewing logs, scripting tasks or creating structured queries/regex searches

• Awareness of Information Security best practices and financial regulatory requirements

• Leadership experience a plus.

• Excellent problem-solving and decision-making skills

• Excellent verbal and written communication skills; ability to communicate clearly to several levels of management while catering communication style to a wide range of technical, clinical, and cultural backgrounds across various business units

• Ability to represent data in meaningful graphical form

• Able to think and operate independently with limited guidance

Qualifications, Experience, Education:

• Minimum of 5 years' experience in Information Security; this is not an entry level position.

• At least 3 years' prior experience in a role with responsibility for information security incident response; this is not an entry level position.

• Either:

  • Bachelor's degree in Computer Science, IS or Information Security; or

  • CISSP, OSCP, CRISC, GCIH, GCFA, GFCE, GSE and/or similar certification

• Excellent program/project management, prioritization, and organizational skills

• Acute attention to detail.

Skills:

• Experience with Splunk Processing Language [SPL] and Kusto Query Language [KQL]

• Experience working with JIRA, ServiceNow or similar platforms

• Experience working with and managing Varonis DatAdvantage or similar platforms

• Experience creating, collecting, and assembling metrics for reporting

• Experience with incident response

• Experience working with on-prem and Cloud technology platforms and applications

Special Knowledge (if applicable):

• Experience with global security and privacy standards and regulations such as ISO 27001, NIST CSF, GDPR or CCPA