Bridgewater Associates is focused on understanding how the world works. By having the deepest possible understanding of the global economy and financial markets, and translating that understanding into great portfolios and strategic partnerships with institutional clients, we've built a distinct track record of success. We've done this for more than 40 years by having great people operate in a culture of radical truth and radical transparency. Today, we manage about $160 billion for approximately 350 of the largest and most sophisticated global institutional clients including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.
Security Department Overview:
Our group is responsible for protecting Bridgewater’s people, culture, and ideas — specifically its investment engine, which manages over $160 billion in assets. We are implementing a three-pronged structure of staff, cyber, and physical security and investing in world-class practitioners and cutting-edge technology to help us hold the highest standards in the ever-changing threat landscape. We’re committed to becoming the most innovative and capable security team in the world.
Bridgewater’s Security Operations team is looking for a Principal Security Analyst who will specialize in vulnerability remediation. The individual must have deep and broad expertise in corporate infrastructure and operating systems, including both MS Windows and Unix-based technologies and a proven ability to quickly understand complex computing environments. He or she will apply this expertise to identify, assess, report, and help remediate vulnerabilities in a prioritized way, using mastery of industry-relevant tools to do so. The ideal candidate will be expected to provide informed advice on services and technologies that enhance the security ecosystem and further enable automated discovery, remediation, and alerting of network, application, and endpoint vulnerabilities. In this role, he or she must build strong partnerships with technologists and managers company-wide and ensure their applications, systems, architectures, and infrastructures leverage the appropriate security and vulnerability management tools. He or she will work with colleagues across Security (e.g., incident response, threat intelligence) to remediate vulnerabilities that present risks across the enterprise. They will also perform deep-dive assessments on trending vulnerabilities and produce vulnerability analysis for technical and leadership audiences.
The successful candidate must have strong writing and communication skills and be able to present complex technical information to a senior management audience. This is not a manager position, but must be a leader on the team and contribute to the Security Operations mission and vision. Given the seniority of this role, the Principal Security Analyst has a responsibility to train and mentor peers and junior analysts in a community of excellence.
- Delivery of vulnerability management services spanning an enterprise with both legacy and cutting-edge technologies
- Provide expert vulnerability assessment
- Apply advanced data analysis techniques to large datasets of vulnerability, patch, compliance, and asset data
- Collaborate with engineers, analysts and others in Security and Technology to design remediation plans
- Support the cyber incident response team in specified vulnerability discovery and assessment tasks during crisis management
- Improve existing vulnerability tools and methodologies to enhance discovery, remediation, and alerting capabilities, or recommend alternatives.
Candidate Evaluation Criteria
- Demonstrated passion for proactively identifying risks and fixing problems
- Expertise in vulnerability scanning technology, governance processes, risk assessment, and data analysis
- Ability to communicate complex and technical issues to diverse audiences (in person and in writing), in an easily-understood, authoritative, and actionable manner
- Ability to react quickly and decisively in high-impact situations
- A well-developed understanding of and appreciation for business needs, and a commitment to delivering quality, prompt, efficient, and well-rationalized service to the business
- A desire and technical ability to build automation into manual processes
- B.S. in Computer Science, Information Systems, Information Technology, or a related field
- 5-8 years prior system administration experience in Microsoft environments (Domain, Server, Desktop) with similar experience in Unix (BSD, Linux, Unix) environments
- Experience implementing and operating a vulnerability management program using Qualys and/or similar vulnerability scanning technologies
- Familiarity with Azure/AWS and associated cloud integration initiatives (e.g. O365)
- SQL, Python, PowerShell, and Bash scripting experience is a must
Preferred Experience (Optional)
- MCSA, CCNA, RHSA, or comparable certifications
- Experience supporting application layer is preferred
- Programming expertise desired, but not necessary
- Specific security experience desired, but not necessary
Please note that we do not provide immigration sponsorship for this position.
Bridgewater Associates, LP is an Equal Opportunity Employer.