About CLS:
CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars’ worth of currency flows through our systems each day.
Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world’s most actively traded currencies. We deliver huge efficiencies and savings for our clients: in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.
CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle – whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.
Our ambition to make a positive difference starts with our people. Our values underpin everything that we do at CLS and define our working environment:
- Pivotal purpose
- Trusted guardian
- Targeted innovation
- Facilitate connections
- Delivering excellence
- Inclusive culture
Job Information:
- Functional Title: Cybersecurity Data Scientist
- Department: IT Security, Cyber Threat Intelligence
- Corporate Level: Vice President
- Reports To: Executive Director
- Location: London, on-site 2 days per week
Job purpose:
CLS is seeking a highly motivated, self-driven Cybersecurity Data Scientist to join a global threat intelligence team. The role will be located in London, UK. The position will report to the Head of Cyber Threat Intelligence and Proactive Cyber Defense and will involve applying advanced statistical analysis, machine learning, and data engineering to identify, detect, and mitigate digital threats. The ideal candidate will be aware of industry trends and frameworks and how they could impact our business, including threat actor groups, their TTPs, intrusion activities. The candidate will work in support of the Cybersecurity Operations, Cyber Threat Intelligence, and Threat Hunting teams. This role will also be responsible for mentoring others on the team.
This position requires someone with an analytical mind, a quick learner, and the ability to create and deliver briefings, propose, and execute program initiative’s/improvements, and collaborate with a wide range of key internal and external stakeholders.
Job Description:
- Develop and implement machine learning models (i.e. anomaly detection, classification) to identify patterns indicating malicious activity, malware, or insider threats
- Clean normalize, and manage massive datasets from disparate security systems (SIEM, firewalls, endpoints) to make them usable for analysis
- Analyze historical security data and external threat intelligence to forecast potential attack vectors
- Present complex technical findings via dashboards to non-technical stakeholders
- Work with CTI analysts to produce reports for both executive and technical stakeholders and be able to brief all stakeholders.
- Develop and maintain clear documentation of activities, findings, and lessons learned
- Assess emerging threats against our operational environment and work in partnership with our security teams for detection, mitigation, and remediation efforts
- Perform trend and correlation of cyber intelligence for recommendation-based countermeasures
- Support and engage in incident response investigations
- Review other analysts work and provide mentorship and guidance
Experience:
- 5-7+ years of direct cybersecurity related data scientist experience
- 5+ years of progressive experience in information security (cyber security) field, preferable in Security Operations or Incident Response roles
- Understanding of intelligence lifecycle and risk management
- Knowledge of fundamentals of threat actors’ TTP
- Understanding of IOC validation practices and sources
- Familiarity with MITRE ATT&CK framework and mapping
- Excellent interpersonal and relationship management skills
- Individual contributor whilst also contributing to a small team
- Self-motivated with ability to work with minimal supervision
Qualifications/Certifications:
- Bachelor’s Degree in Cybersecurity studies, Intelligence Studies, International Relations, Economics, Computer Science, or related discipline
- Security certification such as SANS GIAC (or equivalent) ideally GMLE or CERT Applied Data Science for Cybersecurity Professional, or working towards certification (or equivalent), CISSP and Security+
- High proficiency in Python and SQL
- Experience with threat intelligence and SOC/CIRT interaction
- Splunk experience is highly preferred
- Experience with SIEM, EDR solutions, network monitoring tools, and other cyber security tools
- Experience with scikit-learn, tensorflow, or pytorch
- Experience with big data frameworks such as Hadoop, Spark, or Kafka
- Strong knowledge