Key Responsibilities:
Monitor and analyze security events, incidents, and vulnerabilities to identify potential threats and risks to the organization's IT infrastructure.
Respond to security incidents in a timely and effective manner, following the incident response process and procedures.
Collect, analyze, and preserve digital evidence related to security incidents.
Develop and maintain incident procedures, and playbooks.
Develop SIEM searches, alerts, dashboards, and alerts as needed for incident response and security monitoring.
Work with the Bank’s Managed Security Services Provider as well as Security and IT partners to investigate suspicious and malicious activity.
Participate in tabletop exercises, drills, and simulations to test the organization's incident response plans and procedures.
Stay up-to-date with the latest security technologies, trends, and threats to recommend best practices and solutions to enhance the organization's security posture.
Qualifications:
Bachelor's degree in Computer Science, Information Security, or related field.
At least three to five years of experience in IT security, with a focus on security operations.
Knowledge of security technologies, such as firewalls, intrusion detection and prevention systems, antivirus software, and vulnerability assessment tools.
Experience in conducting incident response and investigations particularly in cloud environments such as AWS and Azure.
Familiarity with security frameworks, such as NIST, ISO, and CIS.
Strong analytical and problem-solving skills.
Experience in creating alerts and other content in Splunk or other security tools is a plus.
Excellent communication and interpersonal skills.
Ability to work independently and as part of a team in a fast-paced, dynamic environment.
Relevant certifications, such as CompTIA Security+, Certified Information Systems