Security Analyst

DRW is a diversified trading firm with over 3 decades of experience bringing sophisticated technology and exceptional people together to operate in markets around the world. We value autonomy and the ability to quickly pivot to capture opportunities, so we operate using our own capital and trading at our own risk.

Headquartered in Chicago with offices throughout the U.S., Canada, Europe, and Asia, we trade a variety of asset classes including Fixed Income, ETFs, Equities, FX, Commodities and Energy across all major global markets. We have also leveraged our expertise and technology to expand into three non-traditional strategies: real estate, venture capital and cryptoassets.

We operate with respect, curiosity and open minds. The people who thrive here share our belief that it’s not just what we do that matters–it's how we do it. DRW is a place of high expectations, integrity, innovation and a willingness to challenge consensus.

Our global Security Operations team is looking for a talented Security Analyst to join the team in our Chicago office. To flourish in this role, you will need a strong drive to learn and improve. When it comes to new technology, you’ll enjoy researching and evaluating new solutions using custom and commercial testing tools. You will be given the freedom and resources while being mentored by industry-leading engineers, all to provide you with the best possible environment to succeed at DRW.
How you will make an impact:

• Perform triage of global security alerts generated from various sources (including IPS, Web Security, Event Logs, Endpoint Protection, Brand Protection, Phishing)
• Respond to any incidents identified from analysis of security alerts
• Triage & route internal support tickets sent to the Security team
• Creation & revision of threat detections
• Perform SIEM product administration for event correlation and threat detection
• Perform SOAR playbook/dashboard management and product administration
• Provide insider threat investigation assistance to teams of internal stakeholders
• Drive automated detection, response, and configuration through various scripting and programming languages
• Evaluate commercial and open-source tools as needed
• Collaborate with internal Infosec peers to continuously improve security posture
• Contribute to internal documentation of standard processes & procedures
• Educate users on security best practices
• Assess security risks as they relate to new projects and initiatives
• Attend security conferences, seminars, and regular training to stay ahead of the ever-changing security landscape

What you bring to the team:

• A bachelor’s degree, or equivalent experience
• Interest in digital forensics and physical security
• A passion for security and problem solving
• Heightened attention to detail and forward thinking
• Strong knowledge of either Windows, MacOS, or Linux with an interest in learning the details of platforms that you might not have experience with
• Knowledge of the Incident Response Cycle
• Knowledge of static & dynamic malware analysis, including network packet captures
• Knowledge of core networking & cloud security concepts
• Experience with Security Information and Event Management (SIEM) products
• Experience with SOAR (Security Orchestration, Automation, and Response) products
• Experience with data analysis of events in security related sources such as IPS, Web Security, Endpoint Protection, Event Logs
• Experience working with GitHub
• Experience with PowerShell, Bash, Python, Ruby, or Perl
• Exceptional time management skills
• Excellent verbal and written communication skills

For more information about DRW's processing activities and our use of job applicants' data, please view our Privacy Notice at https://drw.com/privacy-notice.

California residents, please review the California Privacy Notice for information about certain legal rights at https://drw.com/california-privacy-notice.

#LI-BL1