Job Description
This role is a strategic leader on the Security Operations team as an incident responder. The role plans the response to complex security threats and enhances the incident management framework. This role drives initiatives that bolster the bank’s cybersecurity defenses and fosters a culture of continuous improvement and resilience, refines IR processes, and communicates with stakeholders at all levels
.
MAJOR RESPONSIBILITIES
• :
Analyze data, make recommendations for remedial action and/or security network enhancements based on detailed analysis and ensure proper communication of issues and/or recommendations to both technical and non-technical audiences. This includes remediation efforts for day to day reported trouble tickets from internal custome
• rs.Research adversarial Tactics, Techniques and Procedures (TTPs) and developing novel detection and prevention techniques across multiple environments including network, endpoint and applications, particularly through use of the bank SIEM soluti
• on.Monitor events and alerts generated by firewalls, SIEMs, IDS and networking equipment Methodically identify system security issues and determine root cause via a consistent, logical approa
• ch.Work with senior engineers and technology management, define and drive security-based process improvemen
• ts.Create and/or maintain security documentation including security architecture diagrams, procedures, and Bank security standar
ds.
PROBLEM SOLVING & DECISION MAKI
NG: The Senior Incident Response engineer must possess strong problem-solving and decision-making abilities to efficiently navigate the intricacies of their role. The incumbent must have the ability to coordinate and make critical decisions in ambiguous and high-pressure situations. The individual must make decisions on items arising from day-to-day tasks, as well as collaborating with senior-level staff and management to make more significant decisions that have a greater organizational imp
act.
REQUIREME
NTS:
Education and Exper
• ience:College degree or equivalent combination of training and expe
• rience5+ years’ experience in security engineering w/ 3+ years working as a security eng
• ineer.1-2 years Azure expe
• rienceExperience with project management methodologies and with large scale enterprise and service provider net
works.
Skills/Kno
• wledge:
Solid Understanding of the f
• ollowingComputer forensic
• analysisFirewall te
• chnologySIEM configuration and content development ex
• perienceIP networking (TCP/IP and packet a
• nalysis)IPS/IDS system attack k
• nowledgeTwo factor Authentication
• systemsPowershell or python scripting
• languageKnowledge of LINUX and Windows system administratio
• n a plusMust be able to synthesize multiple data points across several business and technical
• domains.Must be analytical, well-organized, and self-d
• irected.Makes recommendations to manager on decisions of complex, multifaceted
• nature.Independently drives and coordinates solutions to complex
• mattersProficiency in handling complex security incidents, with a deep understanding of the current cybersecurity landscape and
• threats.Organizational and planning skills, with the ability to manage multiple projects and priorities effe
• ctively.Ability to implement new security tools in large scale projects. CISSP, GPEN, CEH a plus in addition to other network security certif
• icationsAdvanced level knowledge in designing and managing complex next gen firewall infrastructures to include firewall, IPSEC VPN and IPS/IDS, Advanced Networking, Acceleration & Clustering tech
• nologiesMust have the ability to communicate information and ideas so others will understand. Must be able to exchange accurate information in these sit
• uations.Ability to build relationships and strong alliances is
• crucialStrong ability to understand, accurately translate and produce technical information for a general
audience
Working Co
nditions:Physical
Demands:While performing the duties of this job, the employee must be able to remain in a stationary position 50% of the time. The employee frequently is required to operate a computer and other office productivity machinery, such as a calculator, copy machine, and printer. The employee is frequently required to move about inside the office to access workstations, office machinery, and other equipment. They also occasionally travel to locations outside of the facility, to attend meetings, trainings, events, and other business activities. The employee must have near visual acuity for working on a computer, far visual acuity, and peripheral vision necessary for driving a motor vehicle. The employee must occasionally lift and/or move boxes or equipment up to 50 pounds across office for vario
us needs.
Work En
vironment:Persons holding this position are generally subject to inside environmental conditions having the lighting, temperature, and noise level of an open floor-plan office environment (moderate, but occasionally loud at times). This role routinely uses standard office equipment such as computers, phones, photocopiers, and filing cabinets. Occasionally the employee will need to move self in different positions to accomplish tasks in various environments including tight and confined spaces, e.g., under desks and server rooms. They occasionally will be required to travel to other work locations. This employee must be able to work on-call/after-hours as
required.
💡 Quick Summary
Seeking a career-building opportunity? The Sr| Incident Response Analyst position is now open for candidates interested in the Bank Jobs sector. This role in New York City offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in Bank Jobs is a plus.
