Global Information Security helps to assess threats and set priorities, and to create flexible programs to actively manage their specific risks. Incident Management is an integral part of GIS and responsible for coordinating the response to and recovery from Information Security Incidents. The GIS team provides these services in the International space – as part of a Global team that spans multiple time zones.
The role of the Incident Manager is to lead and coordinate the response to and recovery from information security incidents. Collaborate with appropriate business partners and lines of business to analyze and contain information security incidents. Establish oversight of information security incidents and communicate analysis, containment, and remediation efforts to all involved partners. Determine the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures. Escalate issues to management in a timely manner with appropriate information regarding risk, action times, and root cause analysis. Maintain & utilize an incident response & recovery plans. Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
Requirements
• Proven experience with Information Security related activities
• Experience in an operations focused information security role
• Experience conducting analysis/investigation and containment of potential data breeches or cyber security incidents
• Ability to lead technical bridge lines to develop quick containment solutions to cyber-security incidents
• Ability to handle multiple competing priorities in a fast-paced environment
• Ability to communicate effectively across all levels of a global financial institution
• Familiarity security vulnerabilities, exploits, malware and digital forensics
Desirable
• Degree - (B.S, M.S.) in Computer Science, Communications or a related field, or equivalent
• Familiarity with network security vulnerabilities, exploits, attacks and malware
• Previous incident response and/or malware reverse-engineering experience
• Ability to work effectively with technical and non-technical business owners
• In-depth familiarity with most operating systems, particularly UNIX and Windows