Senior Incident Response Analyst (Sr. IT Security Specialist)

29 Jun 2024

Vacancy expired!

Together we strive for everyone's opportunity towards a better financial future.

Together we stand up for and champion everyone's access to opportunity. We strive for better together. We advocate for everyone and not against anyone. Voya believes in being bold and committed to action. We are committed to a work environment where the differences that we are born with - and those we acquire throughout our lives - are understood, valued and intentionally pursued. We believe that our employees own our culture and have a responsibility to foster an environment where we all feel comfortable bringing our whole selves to work. Purposefully bringing our differences together to positively influence our culture, serve our clients and enrich our communities is essential to our vision to be America's Retirement Company®.

Are you ready to join a great company with a winning culture? Start your Voyage - Apply Now

Profile Summary:

This position is for a Senior Incident Response Analyst (Sr. IT Security Specialist). Members of the Security Incident Response Team (SIRT) respond to security incidents, leveraging the RE&CT framework during the identification & triage, containment, eradication, and recovery phases of the incident response process. Team members identify technical security risks and coordinate with stakeholders to develop, implement and verify mitigating controls, and influence environmental changes to ensure a minimal risk profile across the enterprise. Additionally, team members facilitate cross-team post-incident review to identify vulnerabilities and opportunities to increase the effectiveness of incident response processes, playbooks, and coordination. The position will also be responsible for the collection, analysis, documentation, and secure storage of electronic artifacts in support of digital forensics and fraud investigations.

The ideal candidate will have enterprise technology experience in infrastructure, architecture and/or application development or support, experience facilitating events with all levels of leadership during critical events, strong teamwork skills, be an excellent communicator, and possess a willingness to learn.

Profile Description:
  • Manage security incidents from multiple sources including: privacy, vulnerabilities, phishing, malware, ransomware, and forensic investigations
  • Conduct technical research in support of fraud and other corporate investigations
  • Ability to prioritize and balance multiple incidents as well as adjust to shifting priorities
  • Facilitate incident meetings involving technical, business, compliance, and legal teams.
  • Analyze technical data (logs, configurations, etc.) from a multitude of sources (SIEM systems, firewalls, web servers, and Linux/Windows devices) to understand the source/impact of security events.
  • Participate in forensic investigations as required, including the collection and preservation of electronic evidence, analysis, and reporting.
  • Produce high quality oral and written presentations, communicating complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management and customers.
  • Develop and maintain standard operating procedures.

Knowledge & Experience:
  • 3 most important skills: Incident Response (level 2 or 3), Cloud experience (prefer Azure, but AWS ok), and Forensics.
  • Bachelor's degree, ideally in Computer Science, Security, Engineering, or a related field.
  • 3+ years of professional IT experience; experience in a large enterprise and a Security Operation Center (SOC) environment is desirable.
  • Experience with SIEM platforms such as Splunk: writing searches, creating dashboards, and performing forensics.
  • Experience with Endpoint detection and prevention suites (Symantec, Splunk, CrowdStrike, etc.): performing forensics, securing devices and collecting evidence.
  • A CISM or CISSP certification is desirable, to include those with Associate of (ISC)2 status.
  • Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.
  • Understanding of and experience with common Internet services/protocols, such as IP, TCP, UDP, HTTP, TLS, SMTP.
  • Requires excellent analytical ability, consultative and communication skills, strong judgment, and discretion in high pressure environments.
  • Strong verbal and written communication skills with ability to tailor message to various audiences (technical, operations, leadership, client).
  • Must be highly skilled and proficient in problem solving, with an aptitude and willingness to learn new technologies.
  • Self-motivated with the ability to manage and prioritize multiple deliverables.
  • Experience with GitHub, code management and versioning, and documenting in markup is a plus.
  • Experience with scripting (PowerShell, bash, etc.) is a plus.
  • Experience with host-centric tools for forensic collection and analysis (EnCase, FTK, etc.) is a plus.
  • Digital Forensics and Incident Response (DFIR) experience and certification is desirable (EnCase certified or GIAC: GBFA, GCFA, GCFE, GREM is a plus).
  • DFIR experience in cloud environments is a plus.
  • Understanding of APT, Cyber Crime and other associated tactics is a plus.
  • An interest in reverse engineering, red-teaming, penetration testing, and competing in Capture the Flag (CTF) events is a plus.

Please Note: This position allows remote work but will require travel to our Voya office. Candidates must be located within a 50-mile radius from the assigned office. (CT, Atlanta or Minneapolis)

Be Well. Stay Well.

Voya provides the resources that can make a difference in your lives. To us, this means thriving physically, financially, socially and emotionally. Voya benefits are designed to help you do just that. That's why we offer an array of plans, programs, tools and resources with one goal in mind: To help you and your family be well and stay well.

What We Offer
  • Health, dental, vision and life insurance plans
  • 401(k) Savings plan - with generous company matching contributions (up to 6%)
  • Voya Retirement Plan - employer paid cash balance retirement plan (4%)
  • Tuition reimbursement up to $5,250/year
  • Paid time off - including 20 days paid time off, nine paid company holidays and a flexible Diversity Celebration Day.
  • Paid volunteer time - 40 hours per calendar year

Critical Skills

At Voya, we have identified the following critical skills which are key to success in our culture:
  • Customer Focused: Passionate drive to delight our customers and offer unique solutions that deliver on their expectations.
  • Critical Thinking: Thoughtful process of analyzing data and problem solving to reach a well-reasoned solution.
  • Team Mentality: Partnering effectively to drive our culture and execute on our common goals.
  • Business Acumen: Appreciation and understanding of the financial services industry in order to make sound business decisions.
  • Learning Agility: Openness to new ways of thinking and acquiring new skills to retain a competitive advantage.

Equal Employment Opportunity

Voya Financial is an equal-opportunity employer. Voya Financial provides equal opportunity to qualified individuals regardless of race, color, sex, national origin, citizenship status, religion, age, disability, veteran status, creed, marital status, sexual orientation, gender identity, genetic information, or any other status protected by state or local law.

Reasonable Accommodations

We are committed to maintaining a diverse workforce. This commitment governs all decisions related to employment, including selection, development and compensation. It also includes an employee's request for reasonable accommodation. All employees will be treated in a manner free from discrimination or harassment. Voya is committed to providing equal employment opportunities for persons with disabilities, including reasonable accommodation when needed. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please see our resources for applicants with disabilities.

  • ID: #43691793
  • State: Connecticut Windsor 06006 Windsor USA
  • City: Windsor
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2022-06-29
  • Deadline: 2022-08-27
  • Category: Et cetera