There is a place for you at T. Rowe Price to grow, contribute, learn, and make a difference. We are a premier asset manager focused on delivering global investment management excellence and retirement services that investors can rely on today and in the future. The work we do matters. We invite you to explore the opportunity to join us and grow your career with us.

ABOUT THIS POSITION

T. Rowe Price is seeking a Cyber Security Operations Analyst who has a passion, vision, and technical acumen to help meet the needs of the Global Security team. This individual will participate on a team of skilled cybersecurity professionals who perform in-depth analysis of potential cybersecurity incidents and provide formal recommendations to organizational leadership. This will include leveraging all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where, and why of an intrusion. As a part of this team, you will provide first line analysis of potential intrusions based on alerts, events, and tips provided by stakeholders.

ROLE SUMMARY
- Monitor, analyse, and investigate security alerts within the internal environment.
- Provide valuable remediation recommendations for security events and incidents.
- Collaborate on the development and enhancement of standard operating procedures.
- Contribute to the creation and refinement of internal security policies and procedures.
- A minimum of 2 years of technical experience in Information Security or Network Engineering, with at least 1 year in a Security Operations Center or similar function.
- Ability to utilize threat intelligence and an understanding of the latest attacker tactics, techniques and procedures to defend the firm against sophisticated cyber attacks.
- Intermediate-level experience with host analytics (EDR, Windows event logs, etc.), network-based evidence, and incident investigations.
- Intermediate knowledge and hands-on experience leveraging industry-standard security technologies/skills to conduct threat and event analysis. This includes but may not be limited to SIEM event data, EDR tooling, and network traffic telemetry.
- Intermediate understanding of IPv4, TCP/IP, low-level networking, protocols, TCP/UDP ports, and their relation to the security risk landscape.
- Proven qualities of integrity, leadership, teamwork, and results-driven performance.
- Demonstrated ability to excel under pressure while maintaining professionalism.
- Beginner-level understanding of security-relevant log ingestion necessary to achieve security use cases.
- Basic awareness of cloud technologies in the context of security (AWS, Azure, GCP).
- Exceptional written, verbal, and non-verbal communication skills, particularly in conveying complex information clearly.
- Effective at identifying and driving positive change to improve the Security Analyst team, working independently.
- Experience with a combination of these technologies is preferred:
- SIEMs: Splunk, ELK Stack, Sentinel or similar
- EDR: CrowdStrike, SentinelOne, Defender for Endpoint, Carbon Black or similar