Cybersecurity Incident Response Senior Analyst

The Cybersecurity Incident Response Senior Analyst plays a pivotal role in safeguarding the Bank’s digital assets by identifying, investigating, and mitigating cybersecurity incidents in accordance with internal and regulatory requirements. The ideal candidate will possess a foundation in governance, strong technical background, sound analytical thinking, and a deep understanding of the threat landscape. This is a hands‑on role requiring collaboration across the enterprise. Key Responsibilities Incident Detection and Response Support firm’s follow‑the‑sun processes ensuring continuous security monitoring of global networks Monitor alerts from security platforms (incl. SIEM, Phishing, DLP, Threat Intelligence, etc.) and escalations from users, management, and SOC to effectively respond to anomalous and/or malicious activities Triage and prioritize events and incidents based on severity, impact, and scope Conduct root cause analysis and lead containment, eradication, and recovery efforts Analyze host‑based and network‑based artifacts and logs to reconstruct timelines Proactively search for indicators of compromise (IOCs) across systems and networks Collect and preserve evidence from endpoints, servers, and logs in a legally defensible manner Continuously monitor threat intelligence and open‑source advisories to proactively identify and respond to emerging threats Correlate with threat intelligence to contextualize findings and steer investigations Governance, Risk, and Compliance (GRC) Support Ensure all incident response practices and activities align with internal security policies, procedures, runbooks, and regulatory mandates Support assessments, audit, and regulatory examinations by maintaining and providing incident‑related evidence and documentation Maintain thorough and complete documentation of all actions taken during incident response activities in accordance with policies and established incident response playbooks Maintain policies, procedures, and playbooks related to incident response Reporting & Metrics Generate weekly and monthly reports and dashboards tailored for both technical and executive audiences Communicate business impact of CSIRT activities in a clear, risk‑aligned manner Define, maintain, and report metrics, KPIs, and KRIs to measure program performance, risks, effectiveness, and compliance Collaboration and Communication Coordinate analysis and response efforts to security incidents, ensuring minimal impact and quick recovery Work closely with technology, legal, compliance, and risk teams during major incidents Act as an SME during post‑incident reviews and contribute to incident reports Maintain open communication with senior leadership and provide ongoing status updates Process and Technology Optimization Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities Collaborate with service providers and vendors on tool enhancements and issue resolution Fine‑tune detection rules to reduce false positives and improve fidelity Continuous Improvement Conduct post‑mortem reviews and contribute to lessons learned Maintain awareness of the evolving threat landscape and disseminate knowledge internally Proactively identify gaps or inefficiencies in CSIRT policies, procedures, processes, and playbooks Participate in cross‑functional tabletop exercises and red/blue team simulations Core Competencies Ability to analyze, prioritize, and manage security incidents effectively Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision Awareness of latest Information Security risks Comfort working in a highly global, diverse, and hybrid (office and virtual) work environment Strong technology, information security, and analysis skills Strong communication and documentation skills Knowledge of business, regulatory, and compliance requirements in the financial services industry #J-18808-Ljbffr