Incident Responder II

About The Position

Requirements

• 2+ years of cybersecurity experience, including roles in SOC, SIEM engineering, vulnerability management, incident response, etc.
• Hands on experience with SIEM platforms, EDR tools, incident response platforms, etc.
• Proficiency in monitoring and triaging security alerts
• Basic experience with forensic investigation
• Familiarity with vulnerability scanning tools, threat intelligence platforms, IAM platforms, encryption, email security, etc.
• Excellent communication and organizational skills.
• Quick learner with basic technical skills to efficiently navigate through various systems.
• Strong customer focus orientation.
• High attention to detail, analytical mindset, and problem-solving skills.
• Be able to work independently and maintain elevated levels of quality.
• Self-motivated individual capable of meeting departmental expectations and deadlines
• Ability to participate and contribute to a team environment.
• A minimum of a high school diploma or equivalent is required.

Nice To Haves

• 5+ years' experience in financial services operations or broker-dealer environment.
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science or related field.
• Higher level certifications, including CompTIA Security+, CySA+, GSEC, or CISSP, etc.
• Understanding of major security frameworks like NIST CSF, ISO 27001, SOC 2, PCI-DSS, HIPAA
• Understanding SQL for querying LMS as part of ongoing investigations.

Responsibilities

• Detect, analyze, and address cybersecurity incidents using SIEM, EDR, and other security solutions.
• Conduct root cause investigations and create remediation strategies for security events.
• Record incident response steps and keep thorough documentation for compliance and reporting purposes.
• Create incident reports, detailing the events of the incident to include attack vectors, identifying vulnerabilities, gaps, and outlining suggested remediation steps.
• Track security alerts and logs from both Windows and Linux platforms.
• Perform forensic examinations on compromised systems, including memory, disk, and network evidence.
• Identify indicators of compromise (IOCs) and update detection rules as needed.
• Apply containment measures to reduce the effects of security breaches.
• Work with system administrators to recover impacted systems and verify their integrity after incidents.
• Develop and update incident response playbooks and processes.
• Partner with threat intelligence teams to anticipate emerging threats.
• Suggest improvements to security across all environments.
• Ensure incident handling is consistent with regulatory and company guidelines.
• Create comprehensive incident reports for internal review and audits.
• All other duties as assigned.

Benefits

• health, vision, dental insurance
• 401k
• paid time away
• volunteer days
• annual performance-based bonus