Endpoint Security Analyst , AVP

State Street is seeking an Endpoint Security Analyst for our Security Platforms team, which is part of the State Street Cyber Fusion Center. This team designs, manages, and supports the security tools which enable security operations across State Street. These tools are critical to State Street’s security, enabling threat detection, incident response, threat hunting, vulnerability management, and other key functions. This is a priority role in a growing team, with multiple positions to be filled. Preferred locations are Ireland (Dublin, Kilkenny, or remote).Who are we looking forAn experienced security analyst with expertise in endpoint detection and response (EDR) products, as well as anti-malware tools and other endpoint security controls. This person will join State Street’s Security Platforms team, which is responsible for designing, configuring, and supporting the key security tools supporting our Cyber Fusion Center. Success in this role will require security knowledge, expertise in enterprise security tools, and problem-solving skills.What will you be responsible forEnsuring the security of State Street by delivering the most capable and reliable security tools for our incident responders and threat huntersEducating other teams within the Cyber Fusion Center on the capabilities and use cases of our security platforms, including in threat detection, incident response, threat hunting, and insider investigationsManaging some of the most important security controls at State Street.Maintaining our key security platforms to ensure high reliability, availability, and performanceManaging the deployment of endpoint agents and liaising with partner teams in global technology to ensure full coverage of our complex environmentDelivering rapid and effective solutions to emerging security threats and new requirementsImplementing novel technical solutions to integrate internal systems and automate repetitive processes, in order to improve security, boost efficiency, and increase the value of our platformsTuning and upgrading system components, following internal testing and change management processesContributing to projects that improve current capabilities, drive adoption, and enable future growthWhat we valueExperience operating or supporting platforms used in incident response, threat detection, or threat hunting (e.g., Splunk, Tanium, CrowdStrike, Cylance)Familiarity with multiple open source and commercial security tools including their use cases, capabilities, and limitationsStrong foundational security knowledge, specifically in large and complex organisationsUnderstanding of current security threats and other challenges, as well as frameworks like MITRE ATT&CKExperience of a 24/7 security operations environment emphasising speed of response, reliability, and system availabilityA desire to learn, combined with a collaborative work style and strong personal work ethicStrong communication and presentation skills, both verbal and writtenEducation & Preferred QualificationsThis is a role for an experienced security professional, expected to have 5+ years of relevant security and systems management experience (at least 3 years in security)Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter, Cylance Security Professional, Splunk Certified Admin / User, SentinelOne Certified Administrator / Incident Responder)A degree is not required for this role, but a qualification in information security or information systems may be beneficial, or relevant industry certificationsExperience with scripting, system integration, or light development would be beneficial (e.g., Python, PowerShell, other scripting)Experience in distributed, international teams would be beneficialExperience in financial services may be beneficial#cyberireland