London Stock Exchange Group (posted 2 months ago)
$105,900 - $176,500/Yr
Full-time • Senior
New York, NY
5,001-10,000 employees
Securities, Commodity Contracts, and Other Financial Investments and Related Activities

The Senior Incident Response role is part of a global Incident Response team that sits within the Global Security Operations Centre (GSOC). The role is responsible for identifying and responding to cyber security incidents and enhancing the defensive capabilities of the GSOC. LSEG GSOC is a central function employing people, process and technology to continuously monitor and respond to cyber security incidents. Security Operations spans multiple domains including cyber threat intelligence, cyber threat detection, data loss prevention and cyber incident response.

  • Serve as a focal technical lead on cyber security events and incidents.
  • Provide technical, hands-on incident investigation and support and serve as a main point of contact with management.
  • Conduct complex digital forensics and advanced malware analysis investigations.
  • Facilitate, document and manage root cause analysis and post-incident review process, including tracking all action items and lessons learned through to implementation.
  • Preserve, harvest, and analyse data from computer systems including desktops, servers (virtual/physical) and appliances.
  • Handle the chain of custody for all evidence collected during incidents, security, and forensic investigations.
  • Build and improve defensive capabilities using monitoring technologies including SIEM and EDR.
  • Perform proactive threat hunting and threat modelling to identify cyber threats.
  • Coach and mentor incident responders in the steps to take to investigate and resolve computer security incidents.

  • Experience performing complex digital forensic and incident response investigations.
  • Deep knowledge of common operating systems (e.g. macOS, Windows, Unix, Linux) and their associated file systems.
  • Proficient with industry-standard incident response toolsets such as Axiom, X-Ways, FTK and Volatility.
  • Knowledge of cloud technologies and cloud infrastructures such as AWS, GCP, Azure, O365.
  • Experience with conducting log analysis across different components of a typical organisation estate (e.g. OS, network, cloud).
  • Deep understanding of advanced cyber adversary tools, techniques and procedures.
  • Good understanding of Security Operations Centre (SOC) practices, processes and procedures.
  • Good understanding of incident response processes and procedures, including common frameworks (e.g. NIST, MITRE ATT&CK, etc.).
  • Automating and refining incident response procedures/playbooks to improve SOC efficiencies.
  • Policies, standards and security frameworks, NIST, CIS.
  • Preferred experience and knowledge of cyber security in global financial services and/or regulated environments.

  • Annual Wellness Allowance
  • Paid time-off
  • Medical, Dental, Vision
  • Flex Spending & Health Savings Options
  • Prescription Drug plan
  • 401(K) Savings Plan and Company match
  • Basic life insurance
  • Disability benefits
  • Emergency backup dependent care
  • Adoption assistance
  • Commuter assistance