Security Analyst - Incident Response

Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.

IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.

Barron's has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.

• →Triage and investigate security alerts using SIEM/EDR tools
• →Execute incident response playbooks
• →Perform malware analysis and IOC identification
• →Create incident tickets and maintain documentation
• →Conduct initial forensic data collection
• →Support security event correlation and analysis
• →Monitor suspicious endpoint activities
• →Participate in 24x7 incident response coverage

• Experience with SIEM (Splunk/QRadar)
• EDR platforms (CrowdStrike/Carbon Black)
• Incident ticketing systems (ServiceNow/JIRA)
• Windows/Linux log analysis
• Network traffic analysis
• Malware detection tools
• IOC collection and analysis
• Basic forensic tools

• 5+ years SOC/IR experience
• L1/L2 alert analysis background
• Experience with incident playbooks
• Exposure to MITRE ATT&CK framework
• Understanding of kill chain methodology
• Basic threat intelligence usage

• SIEM platforms
• EDR solutions
• TIP platforms
• Forensic tools
• Network monitoring tools
• Vulnerability scanners
• Incident management systems

• Rotating shifts (24x7 SOC)
• Incident response handling
• Alert triage and escalation
• Documentation and reporting
• Team collaboration

• Advanced IR certification support
• Threat hunting training
• Digital forensics exposure
• Technical skill development
• Senior analyst progression