Job Description
SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG’s shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges. In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization’s extensive global network. Senior Cyber Security Analyst (Cyber Monitoring and Response Team) As a Senior Cyber Security Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of like-minded professionals and leverage this passion to ensure our monitoring and response capabilities are effective and efficient and that we keep pace with a rapidly changing threat landscape. Role Description You will support the monitoring and response of cyber security alerts and incidents by investigating them to find the root cause and identifying the gap in controls that allowed a threat to reach that point in the kill chain. If you identify an incident, you will perform technical analysis, tracking down the actions of that threat actor as part of the incident response, while supported by the wider Incident response process and members of the SOC and CSIRT teams. If you identify a false positive, you will drive the effort to tune or refine our detections, or to drive improvements to our preventative controls to prevent a recurrence. As part of a wider team of SOC analysts, you may focus on an area you are passionate about. You will develop expertise and expand our capabilities in domains such as Purple Teaming, Threat hunting, Digital Forensics and Incident Response (DFIR), Security Automation, Detection Engineering, and Threat Intelligence. You will bring fresh ideas, challenge the status quo, and seek always to answer - how can we improve? This role is best suited for candidates who enjoy and have experience within SOC or CSIRT teams and enjoy investigating and finding the root of an issue or incident. Candidates who excel will think critically to find ways to resolve security challenges. This role would suit an experienced and self-motivated cyber security professional with strong technical skills and knowledge combined with a passion for cyber security. Role Objectives Act as a core member of the SOC including Cyber Monitoring & Response. Analyse security alerts and respond to security events and incidents. Maintain and update monitoring & response playbooks. Conduct proactive threat hunting. Develop expertise in our monitoring systems and technology. Test new adversary TTPs and our ability to detect and respond to them. Identify opportunities for efficiency and work with the Security Automation team to improve our response processes. Assist in the implementation and ongoing support of security systems. Execute tasks or support projects to enhance team’s capabilities. Follow standards for security excellence within the SOC. Bring a positive outlook and seek to motivate and inspire your fellow team members. Role Objectives: Expertise Demonstrate comprehensive understanding of cyber security best practices, risk vectors, mitigation techniques, and protection software. Strong understanding of MITRE ATT&CK Cyber Kill Chain and similar frameworks. Strong knowledge of security controls related to detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA). Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies. Qualifications and Skills 4+ years of experience in cyber security, ideally in a SOC, DFIR, or CSIRT role. Strong verbal and written communication skills with experience in documenting work to a high level. Professional Certifications are an advantage but not essential if you have requisite role knowledge (GCIH, GNFA, GFCA, CEH, OSCP, CISSP or similar certifications). Must be self-directed with the ability to work independently. Ability to multi-task and remain productive in a service-driven and results-oriented environment. Demonstrated strong organizational, analytical, and problem-solving skills. SMBC’s employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status, or any other characteristic protected by law. SMBC provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. #J-18808-Ljbffr