Job Summary
As a member of Finastra's Global Information Security Incident Response team, the Cyber Security Incident Handler will coordinate the response activities for cyber security incidents across the global company environment. The successful candidate will focus on reviewing, triaging, analyzing, and remediating cyber security incidents. The Incident Handler is the escalation point for Security Operations Center (SOC) analysts and, as such, will handle validated cyber security incidents in accordance with the Cyber Security Incident Response process. The successful candidate will perform functions such as log analysis, conduct in-depth technical analysis of network traffic and endpoint systems, enrich data using multiple sources, and be responsible for the rapid handling and mitigation of cyber security incidents.
The candidate will also have an opportunity to participate in a number of global cyber security initiatives. Successful candidates should be familiar with incident response processes, network investigative techniques, network intrusion patterns, operating system investigative techniques, malware analysis, and cyber security trends and issues. Sr. Incident Response handlers are considered thought leaders, should be willing to mentor and advise others, and will help drive the operational and strategic growth of the organization.
Responsibilities
Acts as Security Incident Handler for high-impact cyber security incidents and advanced attacks in accordance with Cyber Kill Chain methodology and incident response process.
Understands Incident Response processes and participates in analysis, containment, and eradication/remediation of cyber security incidents.
Conducts malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact.
Enhances workflows and processes driving incident response and mitigation efforts.
Understands and executes the full Incident Management Lifecycle to identify and improve preventative security controls and security incident detection capability.
Expertly leverages Digital Forensics techniques, tools, and capabilities to support Cyber Incident Response activities.
Performs analysis of logs from various security controls, including, but not limited to, firewall, proxy, host intrusion prevention systems, endpoint security, and application and system logs, to identify possible threats to network security.
Provides leadership and guidance to the appropriate teams to improve and enhance Finastra's cyber security prevention, detection, and response capabilities.
Writes technical articles for knowledge sharing.
This Position Requires
Extensive cross-group collaboration and coordination;
Excellent oral and written communication skills;
Attention to detail; and
A highly organized, process-focused aptitude.
Knowledge / Skill
Qualifications Desired
Six or more years of relevant work experience.
Experience working with Incident Response processes, network investigative techniques, network intrusion patterns, malware analysis, and/or cyber security trends.
Experience executing various Incident Response Frameworks and Handling Procedures.
Experience with malware reverse engineering.
Experience in Cyber Intelligence or in related disciplines.
Cybersecurity experience in the financial industry.
Previous experience with Cyber Kill Chain and diamond model methodology.
Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture.
Understanding of operating systems and their architectures: Windows, Unix/Linux, and OS X.
Leadership and mentoring skills to help advance the overall capabilities of Finastra's Global Information Security organization.
Strong communication, presentation, and leadership skills along with the ability to work in a highly collaborative environment.
Strong relationship skills and collaborative style to enable success across multiple departments and disciplines.
Ability to manage multiple priorities in a high-pressure environment.
Ability to comply with any regulatory requirements.
Education / Certifications
Bachelor’s degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not required.
Certification in one or more of the following areas is desired but not required: CERT-Certified Computer Security Incident Handler, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Network Forensic Analyst (GNFA), GIAC Cyber Threat Intelligence (GCTI), and Certified Information Systems Security Professional (CISSP).
*************************************************************************************************************
The above statements describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential job functions. If you need assistance or an accommodation due to disability, please contact your recruitment partner.
*************************************************************************************************************