
FactSet
7 days ago

FactSet is currently seeking a “Cybersecurity Engineer” to join the growing global Cybersecurity team. The hire will be part of the global “Cyber Command Center” (SOC) department, which is primarily responsible for detecting and responding to the ever-evolving cybersecurity threats to the business and its assets. The department’s areas of work include security event analysis, use case development, incident response, digital forensics, security control tuning, threat intelligence and hunting. This role is primarily responsible for acting as a front-line incident responder, investigating incidents and events raised through our internal SIEM or the MSSP. A successful candidate for this role needs lots of enthusiasm, willingness to learn, attention to detail, and an understanding of both network and endpoint-based attacks.
Key Responsibilities:
- Use SIEM and log tools to monitor and analyze security events across FactSet, including end-user devices and a hybrid environment.
- Investigate alerts from the MSSP and take action to address threats.
- Conduct root cause analysis to understand security incidents, documenting findings in the ticketing system for continuity and future audits.
- Gather and share threat intelligence with relevant teams and conduct threat hunts.
- Develop SIEM detection rules to enhance coverage and reduce false positives.
- Create and adjust SOAR automations to reduce threat response time.
- Update incident response playbooks for consistent analysis.
- Work with IT, Cloud, and Networking teams to resolve incidents and improve security.
- Participate in post-mortem reviews for continuous improvement.
Minimum Requirements:
- 1-2 years of experience working in Incident Response / Security Ops or similar roles within Security.
- Must have fluency in English, both written and verbal.
Critical Skills:
- Proficiency with SOC-related technologies, including SIEM, network and endpoint security, email, web, and cloud security platforms, and vulnerability management tools.
- Understanding digital forensics in an enterprise environment.
- Familiarity with attack frameworks like Kill Chain and MITRE, and the ability to use them for incident response and reporting.
- Ability to identify and implement automation opportunities.
- Strong communication skills to explain complex technical issues to both technical and non-technical audiences.
- Effective time management across various responsibilities through prioritization and scheduling.
- Self-motivation, integrity, and an understanding of business priorities.
Preferred Skills/Desired Skills:
- Proven ability to engage a diverse audience for maximum outcome.
- Experience in developing use cases within attack frameworks.
- Experience in team collaboration to achieve departmental goals.
- Demonstrated track record as a team player, contributing to team success.
Education:
Bachelor’s degree in computer science or equivalent work experience