Job title: Senior Information Security Associate - Incident Response & Threat Hunting
Corporate Title: Associate
Department: Technology
Location: Jacksonville

The pay range for this position at commencement of employment is expected to be between $95,000 and $110,000 annually.

Company overview

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

Aon’s Benefit Index®, Nomura’s benefits rank #1 amongst our competitors

Department overview

The Information Technology department at Nomura is at the forefront of innovation, driving technology solutions that empower our business and enhance client experiences. We leverage cutting-edge technologies to develop and maintain robust systems and infrastructure, ensuring the security, reliability, and efficiency of our operations. Join our team and be part of a dynamic and collaborative environment that embraces technological advancements to deliver value and drive our digital transformation journey.

Role description

We are seeking a seasoned Information Security Analyst to join our cybersecurity team. The ideal candidate will spearhead incident response efforts, lead proactive threat hunting initiatives, and drive security improvements across the organization.

Incident Response & Investigation

• Lead Tier-3 security incident investigations from detection through resolution
• Perform digital forensics analysis and evidence collection using enterprise toolsets
• Conduct root cause analysis and identify attack vectors
• Implement incident containment and eradication strategies
• Develop comprehensive post-incident remediation plans

Threat Hunting & Detection

• Execute proactive threat hunting campaigns using threat intelligence
• Develop and optimize custom queries for security tools and SIEM platforms
• Conduct hypothesis-driven investigations
• Perform IOC-based threat hunting across enterprise environments
• Analyze and report on emerging threat landscapes
• Create and maintain threat hunting playbooks

Post-Incident Management

• Design and implement security control improvements
• Enhance detection rules and use cases
• Deliver executive-level reports for management and stakeholders
• Facilitate lessons learned workshops
• Conduct trend and metrics analysis
• Lead knowledge transfer sessions

Skills, experience, qualifications and knowledge required

Required Experience

• Minimum 4 years of hands-on experience in information security
• Demonstrated expertise in incident response, digital forensics, and threat hunting
• Proven track record of leading complex security investigations

Technical Skills Required

• Advanced proficiency in SIEM platforms and query languages
• Expertise in digital forensics tools and methodologies
• Experience with threat intelligence platforms and IOC implementation
• Strong understanding of EDR/XDR technologies
• Proficiency in at least one scripting language (Python, PowerShell)
• Knowledge of log analysis and network security monitoring

Professional Skills

• Strong analytical and problem-solving abilities
• Excellence in technical writing and documentation
• Advanced presentation and stakeholder communication skills
• Ability to translate technical findings into business impact
• Experience in conducting technical training sessions

Required Knowledge

• Deep understanding of cyber attack methodologies and TTPs
• Expertise in incident handling frameworks (NIST, SANS)
• Knowledge of security control frameworks (MITRE ATT&CK, CIS)
• Understanding of threat intelligence concepts and application
• Familiarity with regulatory compliance requirements

Preferred Qualifications

• Relevant certifications (GCFA, GCIH, EnCE, SANS FOR508)
• Bachelor's degree in Computer Science, Cybersecurity, or related field
• Experience with enterprise security architecture
• Knowledge of cloud security concepts and tools

Key Performance Indicators

• Quality and timeliness of incident response
• Effectiveness of threat hunting campaigns
• Development of detection rules and use cases
• Contribution to team knowledge base
• Stakeholder satisfaction with reporting and communications

Working Conditions

• Must be able to work rotating shifts as part of 24/7 coverage
• May require on-call availability
• Must be able to respond to critical incidents outside normal business hours

Explore Insights & Vision

• Identify the underlying causes of problems faced by you or your team and define a clear vision and direction for the future.

Making Strategic Decisions

• Evaluate all the options for resolving the problems and effectively prioritize actions or recommendations.

Inspire Entrepreneurship in People

• Inspire team members through effective communication of ideas and motivate them to actively enhance productivity.

Elevate Organizational Capability

• Engage proactively in professional development and enhance team productivity through the promotion of knowledge sharing.

Inclusion

• Foster a culture of inclusion and psychological safety in the workplace and cultivate a "Risk Culture" (Challenge, Escalate and Respect).

*base pay offered may vary depending on multiple individualized factors, including market location, corporate and functional title and duties, job-related knowledge and advanced degrees, skills, and experience. The total compensation package for this position may also include other elements, including a sign-on bonus, restricted stock units, discretionary awards and eligibility for commissions for applicable sales roles in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as vacation, sick time, and parental leave), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

If hired in the U.S., employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors”.

Nomura is an Equal Opportunity Employer