
Senior Cyber Security Incident Responder

DTCC

Location: 33647
Type: Non-Remote
Posted on: April 21, 2021
Senior Cyber Security Incident Responder – Associate Director
About DTCC:
With over 40 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From operating facilities and data centers around the world, DTCC automates, centralizes, and standardizes the processing of financial transactions across the trade lifecycle and mitigates risk for thousands of institutions worldwide.
At DTCC we value our clients' interests and partner with them to deliver superior results with excellence and innovation, and we lead with integrity. We proactively develop your potential and invest in your career.
Why you'll love this job:
The Cyber Blue Team is primarily responsible for the preparation, detection and analysis, containment, eradication, recovery, and post-incident activity related to cyber-incidents. Cyber Incident Response combines a series of technical and non-technical components to establish the recommended cyber-incident detection, response, coordination, and resolution actions.
The Sr. Cyber Security Incident Responder will perform cyber-incident detection and analysis activities through the monitoring of security appliances, such as SIEM, IDS/IPS, EDR, and Network Threat Detection, conducting in-depth analysis of cyber alerts to confirm whether a compromise has occurred. This position will work closely with IT in developing response processes and playbooks and in crafting and executing corresponding tabletop exercises.
Your Responsibilities
• Build and execute playbooks to strengthen response activities from events or incidents
• Collaborate with IT on cyber incident response strategies, roles and responsibilities
• Design and lead tabletop exercises focused on responses to cyber events or incidents
• Provide hands-on incident response training for IT and other members of the Cyber Blue Team
• Lead security investigations and computer forensic analysis
• Develop incident reports to include root-cause analysis, incident impact, and remediation tracking
• Utilize detective controls to develop rules and alerts to drive security monitoring capabilities
• Build and implement standard operating procedures and processes to streamline investigations, daily monitoring, and analysis research, ensuring all analysts are effective and follow the same guidelines
• Proactively conduct research of DTCC network traffic and system activity looking for security anomalies and suspicious activities
• Analyze available data sources to identify trends and make recommendations to improve network, system and data security monitoring
• Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and Cyber Threat Intelligence
• Conduct static and/or multifaceted analysis of malware to harvest indicators of compromise to improve security monitoring
Leadership Competencies for this level include
• Accountability: Demonstrates reliability by taking vital actions to continuously meet required deadlines and goals.
• Global Collaboration: Applies a global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.
• Communication: Articulates information clearly and presents information optimally and expertly when working with others.
• Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, positive relationships while at the same time being comfortable with results-oriented ideas.
• Innovation and Creativity: Thinks aggressively and out of the box, generates new insights and processes, and expertly pursues challenges as new avenues of opportunity.
Qualifications
• Demonstrable understanding of various security methodologies and processes, and of technical security solutions (e.g. firewalls, proxies, and intrusion detection systems)
• Extensive knowledge of network and server security products, technologies, and protocols, including TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP, and HTTPS
• Intelligence-driven defense utilizing the MITRE ATT&CK Framework
• Security certification(s) and/or official training, such as GCIH, CSIH, ECSA, CHFI, ECIH, CEH or similar, or degree
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Requisition Type: Professional
Job Schedule: Full time