Hire Tech Services

3 jobs near Columbus, OH

Heavily use SQL programming (70-80%) Complex queries, stored procedure (inner, outer joins), T-SQL Could write up to 200 queries to complete a project 30-40% c#-- SQL Server (SSIS, c#)--this is a ...

Cybersecurity Incident Response Senior Analyst

Hire Tech Services

Manhattan, NY • On-site

$110K - $142K/yr

Other

Posted 23 days ago


Job description

The Cybersecurity Incident Response Senior Analyst plays a pivotal role in safeguarding the Bank’s digital assets by identifying, investigating, and mitigating cybersecurity incidents in accordance with internal and regulatory requirements. The ideal candidate will possess a foundation in governance, strong technical background, sound analytical thinking, and a deep understanding of the threat landscape. This is a hands-on role requiring collaboration across the enterprise.
Key Responsibilities
•  Incident Detection and Response
o  Support firm’s follow the sun processes ensuring continuous security monitoring of global networks
o  Monitor alerts from security platforms (incl. SIEM, Phishing, DLP, Threat Intelligence, etc.) and escalations from users, management, and SOC to effectively respond to anomalous and/or malicious activities.
o  Triage and prioritize events and incidents based on severity, impact, and scope.
o  Conduct root cause analysis and lead containment, eradication, and recovery efforts.
o  Analyze host-based and network-based artifacts and logs to reconstruct timelines 
o  Proactively search for indicators of compromise (IOCs) across systems and networks
o  Collect and preserve evidence from endpoints, servers, and logs in a legally defensible manner.
o  Continuously monitor threat intelligence and open-source advisories to proactively identify and respond to emerging threats.
o  Correlate with threat intelligence to contextualize findings and steer investigations 
•  Governance, Risk, and Compliance (GRC) Support
o  Ensure all incident response practices and activities align with internal security policies, procedures, runbooks, and regulatory mandates.
o  Support assessments, audit, and regulatory examinations by maintaining and providing incident-related evidence and documentation. 
o  Maintain thorough and complete documentation of all actions taken during incident response activities in accordance with policies and established incident response playbooks.
o  Maintain policies, procedures, and playbooks related to incident response.
•  Reporting & Metrics
o  Generate weekly and monthly reports and dashboards tailored for both technical and executive audiences.
o  Communicate business impact of CSIRT activities in a clear, risk-aligned manner.
o  Define, maintain, and report metrics, KPIs, and KRIs to measure program performance, risks, effectiveness, and compliance
•  Collaboration and Communication
o  Coordinate analysis and response efforts to security incidents, ensuring minimal impact and quick recovery
o  Work closely with technology, legal, compliance, and risk teams during major incidents
o  Act as an SME during post-incident reviews and contribute to incident reports
o  Maintain open communication with senior leadership and provide ongoing status updates
•  Process and Technology Optimization
o  Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities.
o  Collaborate with service providers and vendors on tool enhancements and issue resolution.
o  Fine-tune detection rules to reduce false positives and improve fidelity.
•  Continuous Improvement
o  Conduct post-mortem reviews and contribute to lessons learned
o  Maintain awareness of the evolving threat landscape and disseminate knowledge internally.
o  Proactively identify gaps or inefficiencies in CSIRT policies, procedures, processes, and playbooks. 
o  Participate in cross-functional tabletop exercises and red/blue team simulations
Core Competencies
o  Ability to analyze, prioritize, and manage security incidents effectively.
o  Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision.
o  Awareness of latest Information Security risks.
o  Comfort working in a highly global, diverse, and hybrid (office and virtual) work environment.
o  Strong technology, information security, and analysis skills. 
o  Strong communication and documentation skills. 
o  Knowledge of business, regulatory, and compliance requirements in the financial services industry