Global Security Operations Lead

Cantor Fitzgerald

Location: New York,NY, USA

Date: 2025-01-09T04:23:29Z

Job Description:

Cantor Fitzgerald's Global Information Security team is seeking a highly skilled Global Security Operations Lead with strong leadership capabilities and technical expertise in endpoint detection and response (EDR), asset inventory and discovery, and SIEM tools.

The Global Security Operations Lead will lead a global technical team of approximately 10 staff in New York, London, and Hyderabad to strengthen the company's security posture by implementing and optimizing security operations and leading incident response efforts.

The ideal candidate will have a deep technical understanding of cybersecurity threats, strong hands-on experience with key security tools, the ability to perform advanced threat analysis, and experience integrating with managed security service providers (MSSPs).

This role is part of the firm's information security program and reports to the Chief Information Security Officer. The lead will interact with senior technology and business leadership across all Cantor Fitzgerald business units.

Role: Global Security Operations Lead

Industry Type: Financial Services, Real Estate

Department: Information Security

Employment Type: Full Time, Permanent

Experience: 12+ years

Location: New York, NY

Key Responsibilities

Security Operations Leadership

  • Oversee the security operations work queue, including alert volumes, critical alerts, and items that have stalled.
  • Assist the team with addressing alerts by providing guidance, or resolve them directly if technical resources are unavailable.
  • Manage the relationship and interface with the management and technical account teams at key third-party providers.

Security Solution Delivery

  • Oversee the deployment, configuration, and ongoing management of security platforms including EDR (endpoint detection and response), endpoint discovery, digital certificates, vulnerability scanning, and SIEM.
  • Design and implement automated response workflows using integrated capabilities within security platforms.
  • Develop and manage AI-driven security platform capabilities to automate and extend the team's work.
  • Identify gaps in security platforms to improve defense-in-depth controls, and proactively manage the renewal of solutions ahead of end-of-life.

New Business / Product Integration

  • Support the transition and migration of new businesses and products the firm has acquired to ensure they are incorporated into security operations and response.
  • Ensure these new businesses and products are fully incorporated into asset management, vulnerability management, and incident response.

Threat Analysis & Response

  • Maintain security incident response documentation and participate in tabletop exercises.
  • Lead incident response efforts, including forensic analysis, root cause identification, containment, eradication, and recovery.
  • Conduct advanced threat hunting activities using EDR and SIEM technologies.
  • Maintain knowledge of the latest threats, vulnerabilities, and mitigation techniques.

Vulnerability Management

  • Perform regular vulnerability assessments using Rapid7 and Tanium to identify risks and provide actionable recommendations.
  • Collaborate with IT and application teams to ensure timely remediation of vulnerabilities.
  • Develop metrics and reports that track the status of vulnerabilities and patching activities across the enterprise.

Security Architecture & Best Practices

  • Work closely with IT infrastructure and development teams to design secure systems, networks, and applications.
  • Provide expert advice on cybersecurity best practices and security standards.
  • Assist in developing and refining security architectures.
  • Perform thorough analysis of security data to help inform security and team direction.

Mentoring & Knowledge Sharing

  • Mentor junior security team members, providing guidance on incident response, threat hunting, and tool optimization.
  • Conduct technical training sessions and knowledge-sharing workshops on the effective use of security platforms.
  • Stay up to date with new features, releases, and best practices ensuring the team is leveraging the latest capabilities.

Compliance & Auditing

  • Support the organization's compliance efforts by ensuring security controls meet regulatory and industry standards (e.g., NIST, ISO 27001).
  • Participate in security audits and assessments to verify compliance and identify areas for improvement.
  • Generate comprehensive reports to satisfy audit requirements and management reporting.

Technical Expertise Required

Microsoft Defender

  • In-depth knowledge of Defender for Endpoint, Defender for Identity, and Defender for Cloud Apps, and their integration with Microsoft Sentinel.
  • Experience configuring security policies and creating custom detection rules.

Tanium

  • Advanced experience with Tanium modules (e.g., Threat Response, Asset Discovery, Patch Management).
  • Proven ability to deploy and configure Tanium in a global, multi-company financial services firm.

Splunk

  • Ability to deploy and configure Splunk in a global, multi-company financial services firm.
  • Hands-on knowledge of logging, monitoring, and response processes, event correlation, and dashboard reporting.

Qualifications

Education

Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

Experience

12+ years of experience in cybersecurity with a focus on endpoint security, SIEM technology, vulnerability management, and incident response.

Certifications (preferred but not required)

  • Microsoft Certified: Security Operations Analyst or similar certifications.
  • Certified Tanium Administrator or related certifications.
  • CISSP, GIAC, or other advanced cybersecurity certifications.

Key Professional Competencies

  • Excellent analytical, problem-solving, and decision-making skills.
  • Ability to present complex solutions and methods to a general audience.
  • Strong written and verbal communication skills.
  • Experience working with global teams across multiple time zones, cultures, and languages.
  • Ability to work under pressure and handle high-severity security incidents.
  • Collaborative mindset with a focus on teamwork and knowledge sharing.
  • Monitor, manage and tune core endpoint and network security controls.
  • Develop and deliver required metrics and reports.
  • Develop and maintain processes and standard operating procedures.
  • Strong troubleshooting skills, including demonstrated capability of issue isolation.
  • Working experience with Layer 2-7 protocols and security technologies.
  • Ability to identify security risks and weaknesses and provide mitigation and remediation recommendations.

The expected base salary for this position ranges from $150,000 to $225,000. The actual base salary will be determined on an individualized basis taking into account a wide range of factors including, but not limited to, relevant skills, experience, education, and, where applicable, licenses or certifications held. In addition to base salary and a competitive benefits package, this position may be eligible for additional types of compensation including discretionary bonuses and other short- and long-term incentives (e.g., deferred cash, equity, etc.).
