Senior Associate, Cyber Incident Response

Senior Associate, Cyber Incident Response Cyber | New York, NY Reports to: Cyber Incident Response Manager Role Overview Senior Associate, Cyber Incident Response is a professional responsible for protecting computer systems, networks, and sensitive data from cyber-attacks, hacking attempts, and other security threats. The role is responsible for analyzing and responding to cybersecurity events within the Group and its Maison, including more complex and high-impact incidents. The role works with a team to identify, contain, investigate, and remediate cybersecurity threats in real-time, while also acting as a senior point of reference for investigation approaches and incident handling practices. This includes performing deeper technical analysis across multiple data sources (e.g., endpoint, network, identity, and cloud) and supporting more advanced investigations where required. In the context of Cyber Incidents, the role collaborates with other security and IT teams, leveraging available technology and systems to provide Incident Response services. In addition, the role contributes to other activities, such as participating in Group projects and initiatives with implications on IR services. The Senior Associate also supports knowledge sharing within the team, including guiding less experienced analysts and contributing to continuous improvement in playbooks, service operating model, and Group tools and processes. Responsibilities Monitor and analyse network traffic, system logs, and alerts to detect cybersecurity incidents. Investigate and respond to cybersecurity incidents in real-time, including handling more complex and high-severity cases. Work with a team of analysts to determine the scope, root cause, attack techniques, and impact of attacks. Perform detailed analysis across endpoint, network, identity, and cloud data sources, including log analysis, process activity, and authentication events. Support basic forensic investigations, including evidence collection, timeline reconstruction, and analysis of suspicious files or activities. Develop, implement, and maintain incident response plans, playbooks, and SOPs to contain and mitigate cybersecurity incidents. Develop and enhance incident detections and triggers, aligned with the evolving threat landscape and leveraging available technology (e.g., SIEM correlation, EDR detections). Operate with various systems in real-time to investigate, maintain, and track incidents across their lifecycle. Perform deeper analysis and correlation across multiple data sources to identify threats and potential lateral movement. Collaborate with other teams, including IT, security risk, forensics, and legal, to ensure a coordinated response to incidents. Communicate security incidents, findings, and recommendations to management, stakeholders, and relevant parties. Participate and provide value in projects and initiatives with implications on Incident Response services. Support and guide junior analysts during investigations, including reviewing analysis, suggesting approaches, and providing hands‑on assistance when required. Contribute to team knowledge development through documentation, training sessions, and sharing investigation techniques and lessons learned. Stay up to date with the latest security threats, vulnerabilities, and attack techniques to proactively identify and mitigate potential risks. Manage and coordinate Cyber Security initiatives in the region, where required. Support projects from a Cyber Security perspective and ensure liaison with other Group Security departments. Qualifications Strong knowledge of networking, systems, identity, and cloud environments, including investigation and troubleshooting. Strong understanding of cybersecurity principles, including threat intelligence, incident response, forensics, vulnerability management, and cyber awareness. Practical experience in log analysis, endpoint investigation, and understanding attacker techniques (e.g., lateral movement, persistence, privilege escalation). Experience with security tools such as SOAR, SIEM, IDS/IPS, EDR, mail gateway, and other relevant technologies. Ability to handle complex incidents in a fast‑paced environment and manage multiple tasks simultaneously. Strong analytical and problem‑solving skills, with attention to detail. Good interpersonal skills, with the ability to work collaboratively with cross‑functional teams. Strong communication skills and ability to effectively communicate technical information to both technical and non‑technical stakeholders. Experience supporting or guiding less experienced analysts is an advantage. Excellent proficiency in English. Fluency in additional languages is a strong asset. Industry‑recognized security certifications, including but not limited to: CISSP, CEH, CISA, GSEC, GCIA, GCIH, GCFA, GCFE, GPEN, GWAPT, GMOB, GREM, GASF, GCTI or equivalent certifications, are a strong asset. Richemont offers a generous compensation and benefits package for eligible employees. Only candidates selected for further consideration will be contacted. We Offer – United States Employee wellbeing is a top priority at Richemont. We offer a comprehensive benefits program to support employees and their loved ones. Our core benefits include medical, dental, and vision programs. Health savings and flexible spending accounts are also available. The company offers income protection solutions including life insurance, disability benefits, and 401(k) with employer match. Understanding the importance of work‑life balance, our total rewards include paid time off, a wellness reimbursement benefit, and access to the employee assistance program. Employees are encouraged to make a difference in their local communities with volunteer days off, supporting initiatives that drive change. At Richemont, We Craft the Future! Expected Salary Range: $135,000 – 140,000 Salary will be determined based on relevant skills and experience. #J-18808-Ljbffr Richemont