Vacancy expired!
Your Opportunity
As a Senior Analyst for Cyber Incident Response, you will be a key part of the team who will develop and improve the framework, testing/exercises, and processes. You will help coordinate investigations, develop exercise scenarios, and support liaison between digital forensics/SOC (Security Operations Center) and senior leadership. Finally, you will help ensure the program meets FFIEC (Federal Financial Institutions Examination Council) and relevant privacy laws. What you are good at- Coordinate incident response (IR) measures between SOC (Security Operations Center), Forensics, and enterprise technology stakeholders to triage and lead escalated security incidents and enable a more centralized control of IR activities
- Improve information and workflow processes for the incident response program to ensure it is FFIEC compliant
- Escalate incidents based on defined threat and priority thresholds
- Update and maintain incident response documentation and processes in accordance with standards by continuously monitoring and improving process, playbook, and standard based on what we learn from each incident and exercise
- Support projects to develop and integrate comprehensive program documentation (standards, processes, and playbooks)
- Coordinate response/containment activities and monitor/track actions to completion
- Develop and support self-identified findings for program
- Support implementation and improvement of data management processes
- Maintain and update the Cybersecurity Incident Response Standard and Plan
- Assist with the development of any new IR documentation and execution of the IR program roadmap
- Support exercise development to include scenario and objective development
- Support coordination and facilitation of Cybersecurity tabletop exercises
- Gather information required for regulatory reporting during an incident and provide to the regulatory partners
- Support Lessons Learned processes, provide After-Action Reports, and track remediation plans to closure
- Recommend process changes to enhance defense and response procedures
- Align Cybersecurity IR processes with Business Continuity Incident Management and Disaster Recovery processes
- Bachelor's Degree in a related discipline
- 5+ years' experience of relevant work experience and/or related disciplines
- Previous experience executing various incident response frameworks and handling procedures
- Previous experience working in a Security Operations Center (SOC)
- Certifications: CISSP (preferred), CISM (Certified Information Security Manager) (optional)
- Demonstrates experience and understanding of cyber risks and threats related to cyber attack
- Maintains a superior level of customer satisfaction with internal and external customers
- An ability to coordinate and organize work while meeting deadlines
- Decision making, written and oral communication and people management skills
- Proven team building and successful leadership qualities
- Strong written and verbal communication skills with ability to translate technical terms into business language
- Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness