Senior Forensic and Threat Investigator

  • Competitive
  • London, England, United Kingdom
  • Permanent, Full time
  • MSCI Inc.
  • 16 Sep 16

The IT Risk & Information Security team is responsible for oversight and governance of Information Security, Risk Management and Compliance frameworks, policies and controls across all corporate functions and products, reporting directly to the CISO.

About MSCI

For more than 40 years, MSCI’s research-based indexes and analytics have helped the world’s leading investors build and manage better portfolios.  Clients rely on our offerings for deeper insights into the drivers of performance and risk in their portfolios, broad asset class coverage and innovative research. Our line of products and services includes indexes, analytical models, data, real estate benchmarks and ESG research.  MSCI serves 98 of the top 100 largest money managers, according to the most recent P&I ranking.

For more information, visit us at

Position overview:

We are looking for an experienced Information Security Threat Investigator to deliver high quality analysis and Forensic investigation processes, within MSCI’s existing process and systems, to effectively deliver substantive improvements and drive down risk across the organization.  This is an excellent opportunity to develop and drive a set of global Information Security initiatives across multiple business units and brands within MSCI. The successful candidate will gain an in-depth understanding of the technical and business functions and will oversee the execution of key processes to strengthen business decision making and reduce risk.

Our aim is to have the best information security and risk management in the industry, and we see this as a real differentiator for our clients, who themselves view security as a critical issue. The next few years will see sustained investment in analytics tools and technology, with information security, risk and the ongoing maintenance and assurance of compliance environments continuing to be one of the most critical areas of focus. The Board believes that investing in Information Security and Risk is a critical undertaking to protect our systems, information, and client data.


  • Assessment and review of escalated security incidents and intelligence data
  • Act rapidly and appropriately on incidents and intelligence events
  • Repackage and present consolidated intelligence to a senior audience
  • Deep data analytics to reveal and classify risks appropriately
  • Working with teams across the globe to understand and capture potential or actual business impacts and translate those into technical remediations
  • Documenting and evaluating existing risks and risk mitigation solutions, and proposing additional risk mitigations to enhance security and further reduce risk exposure
  • Consult on vendor products and implementations
  • Influence and help increase security awareness amongst business and technical teams alike
  • Contributing to the Information Security Department on decision shaping discussions

Desired experience and qualifications:

The successful candidate will:

  • Have at least 6 years of practical experience in the security investigations arena, with a proven track record of forensic investigations in a distributed heterogeneous and global environment
  • Act as a strong leader when required to lead incident response
  • Act as a strong contributor in critical incidents and investigations
  • Have experience of the EnCase suite of products (or FTK)
  • Have experience of email-based security investigations, including the Nuix product suite
  • Have a strong knowledge of and demonstrated practical experience with forensics in Windows, Linux and networks
  • Have a strong knowledge of log-analysis and data mining techniques
  • Have an understanding of infrastructure and application security testing, specifically relating to the identification of vulnerabilities
  • Have experience in leveraging data from enterprise-level Information Security solutions comprising firewalls, load balancers, Intrusion Detection/Prevention solutions, SIMs/SIEMs, proxies, Citrix, etc.
  • Be able to translate technical issues into business language and vice versa
  • Be cognizant of legal and regulatory constraints across various world jurisdictions
  • Hold a relevant IT degree and CISSP
  • Hold Cyber-Intelligence and Cyber-Forensic certifications

In addition, the ideal candidate will also have experience or understanding in some of the following:

  • Network security (firewalls, proxies, DNS, IDPS, switching/routing, encryption, etc.)
  • Web technology (IIS, Apache) and security of web-based services & applications
  • Virtual application hosting (Citrix XenApp/XenDesktop/XenServer)
  • Single-Sign-On protocols and implementation
  • SIEM/SIM and log centralization and processing
  • Akamai Content Delivery or equivalent
  • DDoS protection, Business Continuity concepts
  • Red Hat Enterprise Linux and Windows 2008 server concepts
  • Exchange Server and BES management and logging
  • Vulnerability assessment tools (e.g. Qualys, Nessus)

The primary responsibilities of this role are providing internal Information Security Investigation and expert analysis of threat data for a range of cross-platform (Windows/Linux based) enterprise systems and applications from the aforementioned list of technologies. The candidate should have a high degree of self-motivation, strong analytical and creative problem-solving skills, attention to detail and excellent organizational skills, and must be fluent in English with strong written and oral communication skills. Some travel is to be expected.

Due to the great number of applications we receive for each of our open vacancies, we are unable to respond on an individual basis.

To all recruitment agencies: MSCI does not accept unsolicited CVs/Resumes. Please do not forward CVs/Resumes to any MSCI employee, location or website. MSCI is not responsible for any fees related to unsolicited CVs/Resumes.

MSCI Inc. is an equal opportunity employer committed to diversifying its workforce. It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, gender, gender identity, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy (including unlawful discrimination on the basis of a legally protected pregnancy/maternity leave), veteran status, or any other characteristic protected by law.