Bridgewater Associates is focused on having the deepest possible understanding of financial markets and the global economy. We translate that understanding into great portfolios and strategic partnerships with institutional clients, where we've built a distinct track record of success. We've done this for more than 40 years by having great people operate in a culture of radical truth and radical transparency. Today, we manage about $160 billion for approximately 350 of the world's largest and most sophisticated institutional clients, including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.

Security Department Overview:

Our group is responsible for protecting Bridgewater's people, culture, and ideas, specifically its investment engine. We continue to evolve an enterprise-wide cyber operations team with cutting-edge technologies and automation, in order to monitor and contain evolving threats. Together with incident response, as well as top-tier staff and physical security practices, we're committed to becoming the most innovative and capable security team of our kind.

Position Summary:

Cyber Security Analysts at Bridgewater are responsible for monitoring and triaging cyber alerts. Best-of-breed systems across the environment send event logs to the SIEM, providing a rich analytical platform for correlating the events that contribute to these alerts. Analysts are responsible for discovering and escalating any resulting malicious or anomalous activity, which may require incident response. Further, Cyber Security Analysts engage frequently with the Security and Technology engineering teams. They serve as key members in deploying and configuring the security controls that protect the constantly evolving BW infrastructure. Analysts also partner with external industry experts to understand new developments, pushing the Security Operations Center to the leading edge of the cyber security field.

Responsibilities:

  • Monitor and investigate internal and external cyber threats, leveraging best-of-breed technologies, through constant engagement with other world-class analysts
  • Report status, define tuning requirements, and monitor functionality of security controls
  • Quickly correlate multiple data sources and apply various analytical techniques, to determine the best hypothesis for event activity
  • Constantly learn, illustrate, and apply knowledge on the latest adversarial tactics, techniques and procedures
  • Contribute to real time improvement of internally developed analytics, understanding both technical context and strategic best practices
  • Support tuning and iteration of tools used for monitoring, analysis, and forensics
  • Standardize techniques and procedures, in order to promote automation
  • Maintain awareness of latest cyber security subject matter through a demonstrated hunger and passion for the industry

Candidate Evaluation Criteria:

Candidates will be evaluated based on their ability to demonstrate a proven track record of proficiency in the following competencies:

  • SIEM experience (Splunk preferred) used to guide investigations, including writing custom queries and understanding how events correlate across data fields
  • Advanced working knowledge of system internals for leading operating systems
  • Ability to understand and analyze anomalies in common network protocols
  • Advanced knowledge and understanding of common adversary TTPs and the attacker kill chain
  • Advanced understanding and analysis of event logging from many different devices
  • Understanding of malware and associated behavior
  • Self-motivated, independent thinking, with a willingness to consistently challenge the status quo
  • A deep desire to persevere and win in a challenging and fast moving operational environment
  • Experience working in a dynamic and collaborative environment; able to speak about complex and technical topics with both technical and non-technical colleagues

Position Requirements:

  • Bachelor’s degree or higher in Information Technology or related experience
  • Minimum 1-2 years of Information Security experience
  • Minimum 1-2 years of experience with antivirus, EDR, intrusion detection systems, firewalls, Active Directory, vulnerability assessment tools, as well as SIEM
  • Baseline understanding of domain-based Windows environments
  • Basic understanding of tactics, techniques and procedures following industry recognized frameworks such as MITRE ATT&CK
  • Excellent analytical and problem-solving skills
  • Ability to leverage both open-source and commercial tooling to resolve investigations quickly

Preferred Qualifications:

  • Scripting/Programming (Python, PowerShell, Lua, C#, etc.)
  • Familiarity with cloud technologies such as AWS, Azure, Google Cloud and associated services (SaaS, IaaS, etc.)
  • Experience with defensive security tools and operations
  • Certifications: GIAC (GCIH, GCFE)

Bridgewater Associates, LP is an Equal Opportunity Employer.
