Cyber Incident Commander
Who are we looking for:
State Street seeks to recruit a Cyber Incident Commander who will lead the triage, analysis and response to cyber attacks. Join us in evolving our response capabilities to protect State Street, its customers and partners from ever-evolving and sophisticated global threat actors.
Remote work options will be considered for highly skilled candidates.
What will you be responsible for:
What we value:
- Leading a team of cyber incident handlers to oversee the cyber incident response process to ensure timely analysis, containment, eradication and return to service.
- Author incident status updates and closure reports to leadership.
- Produce post mortem reports to identify lessons learned and recommendations.
- Continuously prepare for incidents by updating incident response plans, playbooks and procedures.
- Manage and participate in cyber related exercises such as table tops and cyber ranges.
- Measure the effectiveness and performance of the incident response process through KRI and KPI metrics.
- Create development and training plans for incident response personnel.
- Identify methods to continuously enhance the incident response process.
- Supporting incident handlers by providing tooling necessary to respond to incidents.
- Maintaining relationships with partnering teams.
- Creating an environment which drives knowledge sharing with the SOC.
- Driving consistent/repeatable process for the handling of incidents by all members of the team.
Education & Preferred Qualifications
- Experience with managing cyber incidents end to end
- Knowledge of network and host based forensic techniques
- Knowledge of adversarial tactics, techniques, and procedures
- Knowledge of cyber threat intelligence
- Knowledge of IT architecture and operations (computing, network, storage & cloud)
- Knowledge of security control technologies
- BS in Cyber Security, Information Technology, Computer Science or relevant experience
- 5+ years in cyber security management
- 3+ years in a cyber security skill role: Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration Testing, etc.
- Financial Services experience a plus.
- Software development and/or scripting experience a plus: Python, PowerShell, etc.
- Technical security certifications