Main Purpose:

As part of Trafigura's IT Security team, you'll be at the forefront of protecting one of the world's leading commodity trading companies.

In this role you will serve as a senior technical expert within the IT Security Operations Centre, leading sophisticated security incident investigations and advanced threat hunting activities.
You will be able to contribute to the continual improvement of supervising security capabilities through crafting customized detections, streamlining processes, and performing forensic analysis.
Take on the role of being the central contact for SOC analysts, managing the coordination of cross-functional response efforts in the face of critical security events.

You will be responsible to improve interpersonal security posture by proactively identifying threats, conducting root cause analysis, and crafting advanced security tools and procedures.

The role reports to Head of Security Engineering who is based in London.

Knowledge Skills and Abilities, Key Responsibilities:

Core Competencies

Security Monitoring & Detection

• Extensive knowledge of network security architecture, endpoint protection, and cloud security principles

• Security Information and Event Management (SIEM): Proficiency with Splunk Enterprise Security or similar platforms for advanced correlation, threat hunting, and analytics

• Endpoint Detection & Response (EDR): Expert-level experience with Microsoft Defender for Endpoint (or equivalent), including configuration management, alert triage, and response automation

• Threat Intelligence Integration: Ability to integrate threat feeds into detection systems and develop specialized detection guidelines in response to emerging threats

• Advanced Analytics: Experience with behavioural analytics, anomaly detection, and machine learning-based security monitoring techniques

Incident Response & Forensics

• Handling Security Incidents: Proficiency in supervising complicated security situations from detection to resolution

• Digital Forensics: Expertise in memory forensics and network forensics to establish incident timeline and scope

• Malware Analysis: Advanced skills in static and multifaceted malware analysis, including disassembly, debugging, unpacking, and sandbox analysis

• Actively pinpointing vulnerabilities that have bypassed current security measures by conducting detailed inquiries

• Incident Coordination: Capable of directing teams with diverse roles and communicating adeptly with partners in the midst of security situations

Technical Expertise

• Scripting & Automation: Strong programming skills in PowerShell, Python, and other relevant languages for security automation and custom tool development

• Active Directory & Identity Management: Deep understanding of AD architecture, LDAP queries, and common attack vectors against identity infrastructure

• Operating System Security: Comprehensive knowledge of Windows, Linux, and macOS security mechanisms and hardening techniques

• Network Security: Expertise in network protocols, traffic analysis, and network-based detection techniques

• Cloud Security: It would be advantageous (but not required) if the candidate had experience securing assets across major cloud platforms (AWS, Azure) and understanding cloud-specific security controls

Key Responsibilities

Security Operations

• Lead complex security investigations requiring advanced forensic techniques and cross-platform analysis

• Develop and maintain custom detection rules, playbooks, and response procedures

• Perform regular threat hunting exercises to identify potential compromises

• Analyze and validate security alerts escalated from Tier 1 analysts

• Conduct root cause analysis for security incidents and develop mitigation strategies

Engineering & Development

• Design and implement security monitoring improvements and automation workflows

• Develop custom scripts and tools to enhance detection and response capabilities

• Maintain and optimize security tooling, including SIEM content, EDR policies, and detection rules

• Collaborate with security architecture teams to improve defensive posture

• Contribute to continuous improvement of security monitoring and response processes

Leadership & Knowledge Transfer

• Serve as technical escalation point for Tier 1 SOC analysts

• Document findings, methodologies, and lessons learned from security incidents

• Collaborate with threat intelligence teams to enhance detection capabilities

Qualifications

Required Experience

• 5+ years of experience in cybersecurity with at least 3 years in a SOC or incident response role

• Demonstrated expertise with SIEM platforms, preferably Splunk Enterprise Security

• Advanced knowledge of Microsoft Defender for Endpoint or similar EDR solutions

• Experience with memory forensics tools (e.g., Volatility) and malware analysis techniques

• Proficiency in at least one scripting language (PowerShell, Python, Perl)

Relevant Certifications (not required)

• GIAC Certified Incident Handler (GCIH)

• GIAC Reverse Engineering Malware (GREM)

• GIAC Certified Forensic Analyst (GCFA)

• Certified Information Systems Security Professional (CISSP)

• Offensive Security Certified Professional (OSCP)

Personal Attributes

• Exceptional analytical and problem-solving abilities

• Effective communication skills for conveying technical concepts to a range of audiences

• Self-motivated with ability to work under pressure during security incidents

• Detail-oriented with strong documentation habits

• Collaborative mindset and team-oriented approach to security operations

This role requires a security professional who can handle complex security incidents, perform advanced technical analysis, and provide leadership during critical security events. The successful candidate will combine technical depth with operational excellence to strengthen our security posture and respond effectively to emerging threats.

Key Relationships and Department Overview:

• IT Security

• Trading IT

• Middle Office teams

• CISO (Chief Information Security Officer)

• Security Engineering Leads

• Head of Infrastructure

• Lead Developers

• DevOps teams

Departments Overview:

IT Security at Trafigura is a global team and is responsible for protecting the company's digital assets, data, and technology infrastructure.

​Given Trafigura's global presence and the sensitive nature of commodities trading, IT Security plays a critical role in maintaining operational integrity and competitive advantage.

Equal Opportunity Employer

We are an Equal Opportunity Employer and take pride in a diverse workforce! We do not discriminate in recruitment, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, sexual orientation, national origin, age, marital or veteran status, medical condition or handicap, disability, or any other legally protected status.