Lead SOC Analyst
ABOUT US
We’re the world’s leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we’re proud to support the global economy.
We’re unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We’re always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.
The Cyber Fusion Centre (CFC) is looking for a Lead SOC (Security Operations Center) Analyst to join us. This team is responsible for the prevention of Cyber Security incidents by monitoring, detection, and response to potential intrusions in real time within the Swift network.
As a Lead SOC Analyst, you will provide input to security strategy and control of systems, networks, physical infrastructure, people and information. You will participate in the design, communication and execution of policies/controls/procedures as appropriate for Swift and its customers, and as consistent with the company objectives, company reputation and regulatory requirements. In this role, you will act as an operational mentor, coaching junior members within the team.
**Swift is unable to sponsor an employment authorization for this position now or in the future.
What to Expect:
You will:
- Lead the creation and operationalization of a formalized Threat Hunting program within the SOC
- Participate in a 24x7 SOC; occasional shift work is required for this position. Shift work typically includes one week per month Monday - Sunday, 11 AM - 7 PM and occasional holiday work; all other hours are standard working hours.
- Provide expertise & guidance to less senior team members
- Support Incident Response (IR) and Threat Detection development activities and report to Senior Management ensuring proper awareness and ownership
- Support the introduction and implementation of new capabilities and IR processes and procedures within the Cyber Fusion Centre
- Interact closely with Swift's Red Team to further enhance detection capabilities
- Lead and participate in IR simulation exercises from a blue team perspective
- Perform proper triage identification and scoping of incidents including identification, investigation, and follow-up of containment actions
- Participate in the identification, development and communication of IOCs
- Participate in the identification and coordination of eradication and remediation actions with various stakeholders and ensure timely follow-up.
- Enhance and tune tools for efficiently managing large collections of security events
- Stay abreast of changing technologies, emerging cyber threats and attack methodologies
What will make you successful:
Technical Qualifications
- Bachelor's degree in Computer Science, IT, or related field
- 8+ years of related working experience in a SOC, Incident Response, or Threat Hunting role
- Experience performing or leading threat hunting activities
- Experience with cloud technologies such as Azure, Google Cloud, or AWS
- Experience with security tools such as SIEM, IDS/IPS, EDR/XDR, SOAR, etc.
- Ability to learn in a fast-paced, multi-dimensional, technical environment
- Strong verbal and written communication and the ability to concisely and accurately document technical investigations
Preferred Technical Qualifications:
- Familiarity with Scripting languages such as PHP, Perl or Python and databases such as MySQL, and knowledge of Unix and Windows.
- Security certifications such as GIAC GCIA/GCIH, CISSP, or other relevant certifications
- Knowledge of penetration testing and vulnerability assessment capabilities and tools
The estimated salary range for a new hire in this position in Virginia is $121,564.00 USD Annual MINIMUM to $225,762.00 USD Annual MAXIMUM. Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. Our compensation packages include a competitive base salary and bonus opportunity for all employee’s contingent on personal and company performance. Our generous benefits program includes medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k.
What we offer
We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone’s voice counts and where you can reach your full potential.
We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview, please contact accessibility-Sysgroup@swift.com or indicate this in your application.
Please note that this mailbox is not monitored for general recruitment enquiries and should only be used for accessibility or accommodation-related requests (for example related to vision, hearing or neurodiversity).
All requests are confidential and will not affect your candidacy.
Don’t meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.