As an Information Security Response Specialist, you will oversee activities relating to the monitoring of and response to security incidents. You will consume, research, triage and document security events and alerts as they are received. You will support multiple security-related platforms, working with team members in Information Security, Technology, other internal departments and external customers/partners. You will coordinate support for incident response efforts with application, system and networking teams. You will work with IT infrastructure, security operations, security audit and end-user sources of information to ensure collection, correlation, reporting and facilitation of corporate-wide information security events. This role must display an in-depth understanding of response management, new trends and technologies related to IT security and compliance, and contribute to our security roadmap.

The Day-to-Day:
* Work as part of a growing Incident Response team in both a response and threat hunting capacity
* Monitor and respond to security events
* Implement regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress
* Stay current with and remain knowledgeable about new threats and IOCs and maintain working knowledge of advanced threat detection as the industry evolves
* Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large network of security devices and end-user systems
* Participate in response training events with other members of the technology and security teams
* Manage a response investigation from alert notification to log and system analyses
* Develop automation and orchestration solutions to automate repetitive response tasks
* Follow service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events
* Evaluate team procedures, and recommend updates to management
* Review and recommend improved tool usage and workflow, and advanced threat detection methods to mature monitoring and response capabilities
5+ years of cybersecurity experience (or 7+ years of IT experience coupled with cybersecurity) with at least 2 years in security monitoring and response
* Working knowledge of adversary tactics, techniques and procedures (TTPs) and MITRE ATT&CK principles
* Experience improving monitoring and response capabilities at scale
* Experience translating complex technical concepts into business friendly language
* Experience with one or more scripting languages (e.g., Python, PowerShell)
* Experience in Financial Services or other regulated industry with security as a top priority
* Deep skill set and understanding of the Microsoft stack
* PaaS experience including Azure and AWS
* SIEM Systems
* Security Automation and Orchestration Solutions
* Network analysis knowledge
* OSI model knowledge
It's the people that make the Fisher purpose possible, and to help our employees meet their long-term goals, we offer an array of benefits, including:
* 100% paid premiums for our top-tier supplemental medical, dental and annual health screening plans for employees and their qualified dependents
* 28 days annual leave, with the ability to purchase up to 3 additional days per year, plus up to 8 paid holidays
* Enhanced maternity pay package with 16 weeks' top up to full base pay for eligible employees
* $10,000 fertility, hormonal health and family-forming benefit
* A retirement pension plan, featuring a 9% company contribution of base pay with an additional company match of up to 5% of base pay on personal contributions
* Gym subsidy of up to £50 per month
* Employee Assistance Program and other emotional wellbeing services
* A collaborative working environment that practises ongoing training, educational support and employee appreciation events