The Security Department’s mission is to protect Bridgewater. We secure the investment engine, which manages over $160 billion in assets for global institutional clients, as well as various business operations functions. We constantly evolve our cyber, physical, and staff security practices to meet the business needs and stay ahead of the changing threat landscape.
The Security Operations team is a centralized group whose responsibilities are to monitor, assess and defend Bridgewater assets and people from adverse actions.
What You’d be Doing
Bridgewater’s Threat Intelligence (TI) team, part of our Computer Incident Response Team (CIRT), identifies, tracks, and analyzes cyber threats to the organization. The goal of the Senior Threat Analyst is to deliver actionable intelligence to our security analysts, security management, and our business leaders. The analyst will develop a range of analytic products—including threat profiles, historical trends, future scenarios, briefings, and link analyses—to inform, warn, or otherwise help security decision-makers proactively respond to a variety of threats facing Bridgewater. Extensive data sets, premium intelligence sources, and analysis tools are available for their mission, but using their own unique ideas, sources, and industry connections will make the analyst an indispensable member of the Security Operations Team.
A day in the life of the Senior Threat Analyst includes distilling threat information into actionable products, curating an ever-expanding body of threat knowledge, and exploring large datasets in order to build a better understanding of Bridgewater’s contact threats. When a cyber-security headline takes over the news cycle, the analyst will provide their credible view on what really matters to the organization. They will also join technology projects designed to improve our defensive capability, and utilize our extensive training opportunities to further hone their skills.
You’d click for this role…
…If you’re an expert in:
- Cyber security threats, the technical vulnerability landscape, and the geopolitical environment
- Cyber kill chain, diamond model of intrusion analysis, analysis of competing hypotheses, or other relevant network defense and structured intelligence analysis methods.
- Common attack vectors, intrusion tactics, and attacker tools.
- STIX, ATT&CK, CAPEC, or other relevant frameworks for categorizing TTP or modeling intrusion vectors.
…If you’re great at:
- Using your unique sources and connections to stay ahead of the headlines on a daily basis.
- Sorting signal from noise to highlight what is relevant to the mission.
- Communicating succinctly in verbal and written form with technical and non-technical audiences. A writing sample may be requested.
- Collaborating with experts to apply an understanding of threats to tactical and strategic security decisions.
- Keeping a very organized library of threat knowledge and content.
- Providing quality insights to senior stakeholders across the organization, sometimes on short notice.
- Knowing who will benefit from different types of intelligence (tactical, operational, strategic) and maintaining prioritized requirements with those stakeholders.
- Helping find new ways to apply threat intelligence to support the organization.
…If you’re able to:
- Reliably get things done.
- Give and receive open and direct feedback.
- Logically evaluate and prioritize risks and threats.
- Demonstrate logical argumentation, attention to detail, and critical thinking.
- Apply structured analytic techniques to complex problems.
You’ll be into this if you:
- Enjoy exploring large datasets in order to connect the dots on threats and adversaries.
- Look forward to trying new things through exposure to various technologies and projects.
- Are passionate about the importance of security, and want to partner with colleagues who need your expertise.
- Have a strong ownership mentality and drive for results.
- Value truth, openness, and pursuing excellence.
Boxes to check:
- Broad knowledge of common cyber adversaries, attack vectors, intrusion tactics, and attacker tools.
- Hands-on experience with or functional knowledge of common security detection and prevention technologies (proxy, IDS/IPS, AV, endpoint solutions, firewalls, etc.) in order to advise on defensive security control changes.
- Experience with threat intelligence platforms (TIP) or other relevant knowledge management tools.
- Operating knowledge of the intelligence lifecycle.
- Experience performing basic static and dynamic malware analysis and triage using commercial sandbox tools.
- Curiosity and willingness to explore technical topics (e.g., malware).
- Experience with scripting languages, especially Python, is a plus.
Bridgewater manages global investments for a wide array of institutional clients, including foreign governments and central banks, corporate and public pension funds, university endowments and charitable foundations. Bridgewater is a highly entrepreneurial company, driven to success by its process, its people, and its culture. At Bridgewater, we have invented, and keep inventing, superior approaches to investing and technology. We have fueled this innovation by recruiting talented, creative people from all backgrounds and promoting an invigorating and collaborative work environment. We are committed to the constant pursuit of excellence, and the belief that a meritocracy of ideas, not hierarchies, drives decision-making. Bridgewater is based in Westport, Connecticut.
Please note that we do not provide immigration sponsorship for this position.
Bridgewater Associates, LP is an Equal Opportunity Employer.