WELLINGTON MANAGEMENT

Wellington Management offers comprehensive investment management capabilities that span nearly all segments of the global capital markets. Our investment solutions tailored to the unique return and risk objectives of institutional clients in more than 50 countries draw on a robust body of proprietary research and a collaborative culture that encourages independent thought and healthy debate. As a private partnership we believe our ownership structure fosters a longterm view that aligns our perspectives with those of our clients.

THE POSITION

Wellington Management is seeking a Senior Cybersecurity Analyst; someone with an investigative mindset who is passionate about finding and stopping cyber threats. This role requires someone who can bring their expertise and innovative solutions to our dedicated global team and who has the technical and interpersonal skills to both independently lead investigations and help design and implement improved controls and processes. In this fastpaced and constantly evolving cybersecurity landscape you will play a crucial role in combatting past present and future threats while also working directly with our technology and business partners to build an increasingly cyber resilient workforce.

JOB OVERVIEW

Our Cyber Defense Teams primary mission is to understand the normal and to continuously seek out and investigate the abnormal. As a Cyber Defense Team Senior Analyst you will work closely with our business and technology teams to qualify and respond to threats to understand and refine processes and controls. Your responsibilities will include but are not limited to being an escalation point and expert on cyber incidents of various types threat hunting for TTPs prioritized by internal and external threat intelligence owning team process improvements as well as mentorship and staying on top of industry technology and cyber threat advancements. We are a passionate global team dedicated to helping keep our clients and our firm safe.

RESPONSIBILITIES

• Maintain a core competency in event analysis and serve as an escalation point for noteworthy investigations deeper investigations and those that require critical attention.

• Continue to build out new capabilities within the program aligned with our attack surface. Opportunities include detection enhancements improved or new standard operating procedures and working with internal teams to tune and operationalize new technologies.

• Focus on continuing to develop dashboards direct alerting riskbased alerting reports and other objects as needed in Splunk.

• Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings.

• Leveraging threat intelligence experience and other inputs to perform active threat hunting.

• Work alongside the Attack Surface Management Team to build response playbooks on emerging vulnerabilities.

• Interface with technical and nontechnical users to conduct factfinding interviews gather forensic artifacts and understand business processes.

• Engage with other teams as appropriate either as a result of incident response to build platform specific alerting or to advocate for improvements to configurations or technologies.

• Continue to develop and improve the Cyber Incident Response Plan and advocate for the program.

• Participate in oncall rotation for escalated security events.

QUALIFICATIONS

• Experience in having worked in a Security Operations CSIRT or similar role and able to demonstrate a passion in Cyber Security.

• Experience building out functions of a Cyber Defense Team such as an insider risk threat intelligence breach attack simulation or similar programs.

• Strong understanding of the fundamentals such as packet file and log analysis.

• Knowledgeable with various security infrastructure tools such as firewalls intrusion prevention/detection systems proxy servers email controls anonymizing technology data loss prevention Endpoint Detection and Response (EDR) and SIEM (Splunk)

• Strong understanding of common communication protocols networking fundamentals and the necessary tools to analyze network activity.

• Track record of mentorship and knowledge sharing to broader team members.

• Preferred: Relevant recognized credentials (CISSP CEH GCIH OSCP or similar)

• Preferred: Working knowledge of Amazon AWS services and secure configurations.

• Preferred: Experience working with Microsoft cloud technologies (Azure Active Directory Office 365 Defender 365

JOB TITLE

JOB FAMILY

LOCATION

Not sure you meet 100 of our qualifications Thats ok. If you believe that you could excel in this role we encourage you to apply and welcome a chance to review your background. We are dedicated to building and maintaining a diversified workforce and considering a broad array of candidates with a variety of skill workplace experiences and backgrounds.

As an equal opportunity employer Wellington Management considers all qualified applicants will receive consideration for employment without regard to race color sex sexual orientation gender identity gender expression religion creed national origin age ancestry disability (physical or mental) medical condition citizenship marital status pregnancy veteran or military status genetic information or any other characteristic protected by applicable law. If you are a candidate with a disability or are assisting a candidate with a disability and require an accommodation to apply for one of our jobs please email us at .