CSOC Data Ops Specialist
Location
New York
Business Area
Legal, Compliance, and Risk
Ref #
10051451
Description & Requirements
What’s the role?
Bloomberg’s Cyber Security Operations Center (CSOC) plays a critical role in safeguarding the company’s digital environment, actively monitoring systems and networks for any signs of suspicious activity. When a confirmed incident occurs, CSOC leads containment and response efforts, formalizing lessons learned and hardening defenses against future attacks.
CSOC Program Assurance ensures that the CSOC program is delivered in a structured, measurable, and reliable way. We partner closely with teams across the firm to improve our ability to detect and investigate security incidents, ensure the effectiveness of the security controls we rely on, and continuously strengthen our monitoring capabilities.
On any given day, we may be overseeing cross-departmental initiatives, improving security monitoring processes, supporting our partners across the firm, managing vendors or audits, and reporting on CSOC health and effectiveness. A critical part of our mission is ensuring that the CSOC has complete, reliable, and high-quality security data. Our team works with system, application, infrastructure, cloud, and vendor partners to onboard the logs CSOC needs, verify they continue to flow as expected, and resolve issues when they do not.
We’ll trust you to:
Primary Focus – Security Data Management
• Own and drive the end-to-end onboarding of security logs required by CSOC monitoring, detection, and investigation platforms.
• Partner directly with system and data owners across the firm to identify required telemetry, enable log delivery, and resolve technical blockers.
• Act as the technical point of coordination for log ingestion, including format alignment, parsing, normalization, enrichment, and data quality validation.
• Ensure the ongoing health and continuity of log flows, proactively identifying and troubleshooting breaks, delays, and degradation.
• Perform root cause analysis on logging gaps or ingestion failures and coordinate remediation with internal engineering teams and external vendors.
• Maintain accurate documentation, inventories, and standards related to log coverage, ingestion methods, and operational dependencies.
• Evaluate new systems, services, and vendor solutions to determine logging feasibility and monitoring coverage, identifying risks and gaps early.
• Drive incremental improvements in automation, validation, and monitoring of log ingestion pipelines to improve reliability and reduce manual effort.
• Support the rollout of new CSOC use cases, detections, and tools by ensuring required data sources are available and reliable.
Secondary Focus – Program Assurance & Oversight
• Manage and contribute to initiatives and projects that improve CSOC monitoring capabilities and operational effectiveness.
• Funnel and facilitate audit, risk, and external requests for information, particularly those related to logging, monitoring, and detection coverage.
• Coordinate the efforts of technical resources working to deliver projects benefiting the CSOC.
• Develop and maintain processes, procedures, and documentation to ensure operational consistency.
• Assemble and present CSOC metrics and KPIs, including measurements related to log coverage, data health, and control effectiveness.
• Measure and help improve the effectiveness of CSOC’s key technical controls to ensure business objectives are met.
• Measure and track services provided to the CSOC by internal and external vendors to verify commitments are met.
• Provide oversight that aims to ensure the efficacy and completeness of CSOC’s detection program.
• Generate ideas for continued improvement, including conceptual design of new threat scenarios.
• Demonstrate sound judgment and a strong sense of ownership, do the right thing, and escalate when appropriate.
You’ll need to have:
• Approximately 4–6 years of relevant experience in security operations, infrastructure, or technology roles with a strong technical focus.
• Hands‑on experience with log management, security telemetry, or data ingestion pipelines in a production environment.
• Practical experience with SIEM or security analytics platforms, such as Splunk and/or CrowdStrike LogScale.
• Strong understanding of security telemetry sources, including operating systems, applications, network devices, identity systems, and security tools.
• Proficiency with cloud technologies and cloud‑native logging, including ingesting or consuming logs from major cloud providers.
• Working knowledge of log formats, schemas, parsing, normalization, enrichment, and time synchronization.
• Experience leveraging version control and automated deployment pipelines to support scalable and repeatable log ingestion and data management workflows.
• Proven ability to troubleshoot complex data flow and ingestion issues across multiple teams and vendors.
• Experience coordinating work across system owners, engineers, and external partners.
• Solid understanding of Security Operations Center workflows, detection dependencies, and monitoring use cases.
• Excellent written and verbal communication skills, including the ability to translate technical concepts for non‑technical audiences.
• Strong organizational skills, attention to detail, and ability to manage multiple concurrent priorities in a time‑sensitive environment.
We’d love to see:
• Exposure to automation, validation, or monitoring mechanisms for log ingestion or data pipelines.
• Experience supporting new detections, monitoring use cases, or threat scenarios through improved data coverage.
• Familiarity with security metrics, KPIs, or data quality reporting.
• Experience supporting security compliance, audit, or regulatory efforts related to logging or monitoring.
• Comfort working in a fast‑paced environment where priorities shift and deadlines compress.
• Bachelor’s degree (BA or BS) or equivalent practical experience.
Salary Range = 190,000 - 260,000 USD Annual + Benefits + Bonus
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.
We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
Discover what makes Bloomberg unique - watch our podcast series for an inside look at our culture, values, and the people behind our success.