Lead Security Analyst-Threat & Incident Response
About the position

The Lead Security Analyst monitors for and leads the technical investigation and response to potentially suspicious and malicious activity on Bank IT systems. The Lead Incident Response Analyst monitors for new and emerging threats and leads the development and deployment of new alerts and tools to defend against those threats. In addition, the Lead Incident Response Analyst will assist in the review, analysis, and reporting of various threat intelligence indicators to determine their potential impact to the Bank.

Responsibilities

• First Responder when the Bank experiences a Cybersecurity Incident
• Identifies new and emerging threats to the Bank
• Ensures that the Bank has the processes and tools to defend against cybersecurity threats
• Lead the technical investigation and response to Cybersecurity Incidents
• Oversee Managed Security Service Provider (MSSP) performance, monitoring SLO compliance and working with the MSSP to address issues
• Develop and implement new alerts and response playbooks in response to new and evolving threats
• Utilize Bank security tools to investigate Alerts escalated by our Managed Security Services Provider (MSSP)
• Support efforts to recognize intrusion attempts in IT systems and perform thorough reviews and analyses of event detail
• Prepare detailed reporting and documentation of incidents and response actions
• Analyze Cybersecurity events to determine the risk of their occurrence and potential impact to the Bank
• Deliver threat intelligence analysis and reporting to various Bank audiences
• Train and mentor junior analysts on the team
• Interface with other organization departments and business units, providing high quality, low friction IT security operations services

Requirements

• 7+ years of experience in a Cybersecurity Incident Response role
• Associate degree (Computer Science or Engineering discipline; technical or professional experience may be substituted for formal education if necessary)
• Security+, CEH, or similar Security Certifications desired (Not Required)
• Strong understanding of data communication concepts and network/software configuration management
• Experience with SIEM tools such as Splunk
• Experience with CrowdStrike or a similar EDR tool
• Understanding of AWS or other Cloud Based environments
• Able to work well under pressure and within short time constraints
• Excellent documentation, communication and interpersonal skills
• Excellent analytical and problem-solving abilities
• Ability to prioritize and organize competing work demands
• Strong organization skills and attention to detail

Benefits

• Highly competitive compensation and bonus package
• Retirement program (401k and Pension)
• Medical, dental and vision insurance
• Lifestyle Spending Account
• Competitive PTO plan
• 11 paid holidays per year