Job No Longer Available
This position is no longer listed on WhatJobs. The employer may be reviewing applications, filled the role, or has removed the listing.
However, we have similar jobs available for you below.
Incident Response Analyst
10701 Yonkers, New York
Prestige Staffing Information Technology Job
Posted 11 days ago
Job Viewed
Job Description
JobID: 50798
Job Title: Information Security Engineer (Incident Response Analyst)
Job Summary:
We're seeking an Incident Response Analyst to join our IT Security Ops team. As a key member of our team, you'll play a critical role in identifying, analyzing, and responding to security incidents. Your expertise will help protect our organization's assets and ensure the continuity of our operations.
Key Responsibilities:
As an Incident Response Analyst, you'll focus on developing your skills and expertise in incident response. Some of your key responsibilities may include:
Our IT Security Ops team is a dynamic and collaborative group focused on protecting our organization's security posture. We're looking for talented individuals who share our passion for security and are committed to delivering exceptional results.
#Dice
Job Title: Information Security Engineer (Incident Response Analyst)
Job Summary:
We're seeking an Incident Response Analyst to join our IT Security Ops team. As a key member of our team, you'll play a critical role in identifying, analyzing, and responding to security incidents. Your expertise will help protect our organization's assets and ensure the continuity of our operations.
Key Responsibilities:
- Assist in analyzing and responding to security incidents, including root cause analysis and containment
- Support the development and maintenance of incident response playbooks and procedures
- Conduct research and analysis on security threats and vulnerabilities
- Assist in implementing incident response plans and procedures
- Participate in tabletop exercises and post-incident reviews to improve incident response capabilities
- Monitor security event logs and alerts, escalating incidents as necessary
- Collaborate with cross-functional teams to implement security measures and controls
As an Incident Response Analyst, you'll focus on developing your skills and expertise in incident response. Some of your key responsibilities may include:
- Monitoring security event logs and alerts, identifying potential security incidents
- Assisting in the analysis and triage of security incidents
- Conducting basic research and analysis on security threats and vulnerabilities
- Supporting the development of incident response plans and procedures
- Participating in training and development programs to improve incident response skills and knowledge
- Collaborating with senior analysts to respond to security incidents and implement incident response plans
- 3-4 years of experience in incident response, security operations, or a related field (or equivalent experience and education)
- Basic knowledge of threat analysis, incident response, and security frameworks (e.g., NIST, MITRE ATT&CK)
- Strong analytical and problem-solving skills
- Ability to communicate complex technical concepts to non-technical stakeholders
- Familiarity with security tools and technologies, such as SIEM, EDR, and threat intelligence platforms
- East Coast working hours, with a preference for our time zone
- On-site presence required 4 times a year, with remote work options for the remainder of the time
- Budgeted salary is $125000 per year. Based on market conditions, a salary range of $130,000 may be negotiable depending on experience and qualifications.
Our IT Security Ops team is a dynamic and collaborative group focused on protecting our organization's security posture. We're looking for talented individuals who share our passion for security and are committed to delivering exceptional results.
#Dice
View Now
0
Security Incident Response
12260 Albany, New York
Lincoln Financial
Posted 21 days ago
Job Viewed
Job Description
**Alternate Locations:** Work from Home
**Work Arrangement:**
Remote : Work at home employee
**Relocation assistance:** is not available for this opportunity.
**Requisition #:** 74030
**The Role at a Glance**
This position continuously monitors the alert queue; investigates security alerts; monitors health of security sensors and endpoints; collects data and context necessary to initiate IR response. In addition, the analyst will be responsible for maintaining multiple security technologies for detecting and preventing IT security incidents.
**What you'll be doing**
+ Responsible for correlation and initial triage of security events and indicators generated by security monitoring tools to determining scope, urgency and potential impact.
+ Document incidents from initial detection through final resolution.
+ Perform incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify suspicious and malicious activities.
+ Maintain expertise in Operating Systems (Windows/Linux) operations and artifacts to assist in investigations.
+ Ability to analyze different data types from various sources within the enterprise and draw conclusions regarding past and potential current security incidents
+ Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
+ Perform threat hunting exercises to proactively and iteratively discover current or historical threats that evade existing security mechanisms and use that information to improve cyber resilience.
+ Create and modify SIEM dashboards to clearly identify scope of findings or monitor activity.
+ Tune and maintain security tool policies (EDR, IPS, Content Filter, etc.) to reduce false positives and improve tool detection capabilities.
**What we're looking for**
+ 3 - 5+ Years Experience with one or more of the following technologies: Endpoint Detection and Response (EDR/XDR) and/or DFIR opensource tools (Ex. Kape, Plaso Log2Timeline, Autopsy, etc.)
+ 3 - 5+ Years Information Security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
+ 4 Year/Bachelor's degree or equivalent work experience
#DICE
**What's it like to work here?**
At Lincoln Financial, we love what we do. We make meaningful contributions each and every day to empower our customers to take charge of their lives. Working alongside dedicated and talented colleagues, we build fulfilling careers and stronger communities through a company that values our unique perspectives, insights and contributions and invests in programs that empower each of us to take charge of our own future.
**What's in it for you:**
+ Clearly defined career tracks and job levels, along with associated behaviors for each of Lincoln's core values and leadership attributes
+ Leadership development and virtual training opportunities
+ PTO/parental leave
+ Competitive 401K and employee benefits ( Free financial counseling, health coaching and employee assistance program
+ Tuition assistance program
+ Work arrangements that work for you
+ Effective productivity/technology tools and training
The pay range for this position is $75,701 - $140,700 with **anticipated pay for new hires between the minimum and midpoint of the range** and could vary above and below the listed range as permitted by applicable law. Pay is based on non-discriminatory factors including but not limited to work experience, education, location, licensure requirements, proficiency and qualifications required for the role. The base pay is just one component of Lincoln's total rewards package for employees. In addition, the role may be eligible for the Annual Incentive Program, which is discretionary and based on the performance of the company, business unit and individual. Other rewards may include long-term incentives, sales incentives and Lincoln's standard benefits package.
**About The Company**
Lincoln Financial (NYSE: LNC) helps people to confidently plan for their version of a successful future. We focus on identifying a clear path to financial security, with products including annuities, life insurance, group protection, and retirement plan services.
With our 120-year track record of expertise and integrity, millions of customers trust our solutions and service to help put their goals in reach.
Lincoln Financial Distributors, a broker-dealer, is the wholesale distribution organization of Lincoln Financial. Lincoln Financial is the marketing name for Lincoln Financial Corporation and its affiliates including The Lincoln National Life Insurance Company, Fort Wayne, IN, and Lincoln Life & Annuity Company of New York, Syracuse, NY. Lincoln Financial affiliates, their distributors, and their respective employees, representatives and/or insurance agents do not provide tax, accounting or legal advice.
Lincoln is committed to creating a diverse and inclusive ( environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Follow us on Facebook ( , X ( , LinkedIn ( , Instagram ( , and YouTube ( . For the latest company news, visit our newsroom ( .
**Be Aware of Fraudulent Recruiting Activities**
If you are interested in a career at Lincoln, we encourage you to review our current openings and apply on our website. Lincoln values the privacy and security of every applicant and urges all applicants to diligently protect their sensitive personal information from scams targeting job seekers. These scams can take many forms including fake employment applications, bogus interviews and falsified offer letters.
Lincoln will not ask applicants to provide their social security numbers, date of birth, bank account information or other sensitive information in job applications. Additionally, our recruiters do not communicate with applicants through free e-mail accounts (Gmail, Yahoo, Hotmail) or conduct interviews utilizing video chat rooms. We will never ask applicants to provide payment during the hiring process or extend an offer without conducting a phone, live video or in-person interview. Please contact Lincoln's fraud team at if you encounter a recruiter or see a job opportunity that seems suspicious.
**Additional Information**
This position may be subject to Lincoln's Political Contribution Policy. An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincoln's current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and or fundraising activities.
Any unsolicited resumes or candidate profiles submitted through our web site or to personal e-mail accounts of employees of Lincoln Financial are considered property of Lincoln Financial and are not subject to payment of agency fees.
Lincoln Financial is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, Veteran status, or genetic information. Applicants are evaluated on the basis of job qualifications. If you are a person with a disability that impedes your ability to express your interest for a position through our online application process, or require TTY/TDD assistance, contact us by calling .
This Employer Participates in E-Verify. See the E-Verify ( notices.
Este Empleador Participa en E-Verify. Ver el E-Verify ( avisos.
Lincoln Financial Group ("LFG") is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, veterans status, or genetic information. Opportunities throughout LFG are available to employees and applicants and are evaluated on the basis of job qualifications. We have a drug free work environment and we perform pre-employment substance abuse testing.
**Work Arrangement:**
Remote : Work at home employee
**Relocation assistance:** is not available for this opportunity.
**Requisition #:** 74030
**The Role at a Glance**
This position continuously monitors the alert queue; investigates security alerts; monitors health of security sensors and endpoints; collects data and context necessary to initiate IR response. In addition, the analyst will be responsible for maintaining multiple security technologies for detecting and preventing IT security incidents.
**What you'll be doing**
+ Responsible for correlation and initial triage of security events and indicators generated by security monitoring tools to determining scope, urgency and potential impact.
+ Document incidents from initial detection through final resolution.
+ Perform incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify suspicious and malicious activities.
+ Maintain expertise in Operating Systems (Windows/Linux) operations and artifacts to assist in investigations.
+ Ability to analyze different data types from various sources within the enterprise and draw conclusions regarding past and potential current security incidents
+ Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
+ Perform threat hunting exercises to proactively and iteratively discover current or historical threats that evade existing security mechanisms and use that information to improve cyber resilience.
+ Create and modify SIEM dashboards to clearly identify scope of findings or monitor activity.
+ Tune and maintain security tool policies (EDR, IPS, Content Filter, etc.) to reduce false positives and improve tool detection capabilities.
**What we're looking for**
+ 3 - 5+ Years Experience with one or more of the following technologies: Endpoint Detection and Response (EDR/XDR) and/or DFIR opensource tools (Ex. Kape, Plaso Log2Timeline, Autopsy, etc.)
+ 3 - 5+ Years Information Security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
+ 4 Year/Bachelor's degree or equivalent work experience
#DICE
**What's it like to work here?**
At Lincoln Financial, we love what we do. We make meaningful contributions each and every day to empower our customers to take charge of their lives. Working alongside dedicated and talented colleagues, we build fulfilling careers and stronger communities through a company that values our unique perspectives, insights and contributions and invests in programs that empower each of us to take charge of our own future.
**What's in it for you:**
+ Clearly defined career tracks and job levels, along with associated behaviors for each of Lincoln's core values and leadership attributes
+ Leadership development and virtual training opportunities
+ PTO/parental leave
+ Competitive 401K and employee benefits ( Free financial counseling, health coaching and employee assistance program
+ Tuition assistance program
+ Work arrangements that work for you
+ Effective productivity/technology tools and training
The pay range for this position is $75,701 - $140,700 with **anticipated pay for new hires between the minimum and midpoint of the range** and could vary above and below the listed range as permitted by applicable law. Pay is based on non-discriminatory factors including but not limited to work experience, education, location, licensure requirements, proficiency and qualifications required for the role. The base pay is just one component of Lincoln's total rewards package for employees. In addition, the role may be eligible for the Annual Incentive Program, which is discretionary and based on the performance of the company, business unit and individual. Other rewards may include long-term incentives, sales incentives and Lincoln's standard benefits package.
**About The Company**
Lincoln Financial (NYSE: LNC) helps people to confidently plan for their version of a successful future. We focus on identifying a clear path to financial security, with products including annuities, life insurance, group protection, and retirement plan services.
With our 120-year track record of expertise and integrity, millions of customers trust our solutions and service to help put their goals in reach.
Lincoln Financial Distributors, a broker-dealer, is the wholesale distribution organization of Lincoln Financial. Lincoln Financial is the marketing name for Lincoln Financial Corporation and its affiliates including The Lincoln National Life Insurance Company, Fort Wayne, IN, and Lincoln Life & Annuity Company of New York, Syracuse, NY. Lincoln Financial affiliates, their distributors, and their respective employees, representatives and/or insurance agents do not provide tax, accounting or legal advice.
Lincoln is committed to creating a diverse and inclusive ( environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Follow us on Facebook ( , X ( , LinkedIn ( , Instagram ( , and YouTube ( . For the latest company news, visit our newsroom ( .
**Be Aware of Fraudulent Recruiting Activities**
If you are interested in a career at Lincoln, we encourage you to review our current openings and apply on our website. Lincoln values the privacy and security of every applicant and urges all applicants to diligently protect their sensitive personal information from scams targeting job seekers. These scams can take many forms including fake employment applications, bogus interviews and falsified offer letters.
Lincoln will not ask applicants to provide their social security numbers, date of birth, bank account information or other sensitive information in job applications. Additionally, our recruiters do not communicate with applicants through free e-mail accounts (Gmail, Yahoo, Hotmail) or conduct interviews utilizing video chat rooms. We will never ask applicants to provide payment during the hiring process or extend an offer without conducting a phone, live video or in-person interview. Please contact Lincoln's fraud team at if you encounter a recruiter or see a job opportunity that seems suspicious.
**Additional Information**
This position may be subject to Lincoln's Political Contribution Policy. An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincoln's current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and or fundraising activities.
Any unsolicited resumes or candidate profiles submitted through our web site or to personal e-mail accounts of employees of Lincoln Financial are considered property of Lincoln Financial and are not subject to payment of agency fees.
Lincoln Financial is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, Veteran status, or genetic information. Applicants are evaluated on the basis of job qualifications. If you are a person with a disability that impedes your ability to express your interest for a position through our online application process, or require TTY/TDD assistance, contact us by calling .
This Employer Participates in E-Verify. See the E-Verify ( notices.
Este Empleador Participa en E-Verify. Ver el E-Verify ( avisos.
Lincoln Financial Group ("LFG") is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, veterans status, or genetic information. Opportunities throughout LFG are available to employees and applicants and are evaluated on the basis of job qualifications. We have a drug free work environment and we perform pre-employment substance abuse testing.
View Now
1
Cyber Incident Response - Incident Coordinator
14651 Rochester, New York
EY
Posted 21 days ago
Job Viewed
Job Description
At EY, we're all in to shape your future with confidence.
We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
**EY Technology:**
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
**Client Technology (CT)** - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
**Enterprise Workplace Technology (EWT)** - EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
**Information Security (InfoSec)** - InfoSec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
**The opportunity**
The Cyber & Investigative Services (CIS) Incident Coordinator will exercise strong incident management techniques to coordinate security incident response to cybersecurity events or incidents stemming from suspected threats. Candidates for the role must have a strong comprehension of incident response plans and coordination of activities, work well with others, and have strong verbal and written communication skills. Including, a sense of diplomacy, ability to anticipate obstacles, and decision-making skills to handle the fast-paced world of incident management. Foundational skills in incident response, incident management, chain of custody, forensics, event analysis, and hands on cyber security skills are essential.
**Your key responsibilities**
+ Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
+ Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties
+ Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
+ Help lead small to medium sized projects as directed by leadership
+ Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company's incident response plan
+ As requested, develop and deliver metrics to leadership
+ Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
+ Own and manage the teams internal action playbooks and knowledgebase
+ Must be willing to be on-call off-hours in rotation with other team members (Required)
**Skills and attributes for success**
+ Resolution of security incidents by validating root cause and solutions
+ Analyze findings in investigative matters, and develop fact-based reports
+ Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
+ Demonstrated integrity and judgment within a professional environment
+ Inquisitive approach to analysis and peer review
+ Application of emotional intelligence and calm under pressure
+ Ability to appropriately balance work/personal priorities
**To qualify for the role, you must have**
**Education:**
+ Bachelors or Masters Degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience
**Experience:**
+ 7+ years' experience in at least two of the following roles:
+ Member of a Security Operations Center (SOC)
+ Security Incident Response Analyst or supporting function (2 years minimum)
+ eDiscovery or related role performing forensic functions
+ Deep understanding of security threats, vulnerabilities, and incident response
+ Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
+ Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
+ Understanding of regulatory stipulations regarding security incidents
+ Experience with SIEM technologies (i.e. Splunk)
+ Deep understanding of both Windows and Unix/Linux based operating systems
**Ideally, you'll also**
+ Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISA, CISM, CISSP, or CCIM
**What we look for**
+ Demonstrated integrity in a professional environment
+ Ability to work independently
+ Have a global mind-set for working with different cultures and backgrounds
+ Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
+ Excellent organizational skills and strong attention to detail
+ Excellent teaming skills
+ Excellent social, communication, and writing skills
+ Excellent customer service skills required
**What we offer you**
The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary ranges. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more .
+ We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $124,400 to $32,700. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 149,300 to 264,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
+ Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
+ Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
**Are you ready to shape your future with confidence? Apply today.**
EY accepts applications for this position on an on-going basis.
For those living in California, please click here for additional information.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
**EY | Building a better working world**
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law?
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at .
We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
**EY Technology:**
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
**Client Technology (CT)** - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
**Enterprise Workplace Technology (EWT)** - EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
**Information Security (InfoSec)** - InfoSec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
**The opportunity**
The Cyber & Investigative Services (CIS) Incident Coordinator will exercise strong incident management techniques to coordinate security incident response to cybersecurity events or incidents stemming from suspected threats. Candidates for the role must have a strong comprehension of incident response plans and coordination of activities, work well with others, and have strong verbal and written communication skills. Including, a sense of diplomacy, ability to anticipate obstacles, and decision-making skills to handle the fast-paced world of incident management. Foundational skills in incident response, incident management, chain of custody, forensics, event analysis, and hands on cyber security skills are essential.
**Your key responsibilities**
+ Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
+ Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties
+ Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
+ Help lead small to medium sized projects as directed by leadership
+ Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company's incident response plan
+ As requested, develop and deliver metrics to leadership
+ Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
+ Own and manage the teams internal action playbooks and knowledgebase
+ Must be willing to be on-call off-hours in rotation with other team members (Required)
**Skills and attributes for success**
+ Resolution of security incidents by validating root cause and solutions
+ Analyze findings in investigative matters, and develop fact-based reports
+ Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
+ Demonstrated integrity and judgment within a professional environment
+ Inquisitive approach to analysis and peer review
+ Application of emotional intelligence and calm under pressure
+ Ability to appropriately balance work/personal priorities
**To qualify for the role, you must have**
**Education:**
+ Bachelors or Masters Degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience
**Experience:**
+ 7+ years' experience in at least two of the following roles:
+ Member of a Security Operations Center (SOC)
+ Security Incident Response Analyst or supporting function (2 years minimum)
+ eDiscovery or related role performing forensic functions
+ Deep understanding of security threats, vulnerabilities, and incident response
+ Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
+ Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
+ Understanding of regulatory stipulations regarding security incidents
+ Experience with SIEM technologies (i.e. Splunk)
+ Deep understanding of both Windows and Unix/Linux based operating systems
**Ideally, you'll also**
+ Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISA, CISM, CISSP, or CCIM
**What we look for**
+ Demonstrated integrity in a professional environment
+ Ability to work independently
+ Have a global mind-set for working with different cultures and backgrounds
+ Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
+ Excellent organizational skills and strong attention to detail
+ Excellent teaming skills
+ Excellent social, communication, and writing skills
+ Excellent customer service skills required
**What we offer you**
The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary ranges. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more .
+ We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $124,400 to $32,700. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 149,300 to 264,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
+ Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
+ Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
**Are you ready to shape your future with confidence? Apply today.**
EY accepts applications for this position on an on-going basis.
For those living in California, please click here for additional information.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
**EY | Building a better working world**
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law?
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at .
View Now
2
Cyber Incident Response - Incident Coordinator
11853 Jericho, New York
EY
Posted 21 days ago
Job Viewed
Job Description
At EY, we're all in to shape your future with confidence.
We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
**EY Technology:**
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
**Client Technology (CT)** - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
**Enterprise Workplace Technology (EWT)** - EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
**Information Security (InfoSec)** - InfoSec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
**The opportunity**
The Cyber & Investigative Services (CIS) Incident Coordinator will exercise strong incident management techniques to coordinate security incident response to cybersecurity events or incidents stemming from suspected threats. Candidates for the role must have a strong comprehension of incident response plans and coordination of activities, work well with others, and have strong verbal and written communication skills. Including, a sense of diplomacy, ability to anticipate obstacles, and decision-making skills to handle the fast-paced world of incident management. Foundational skills in incident response, incident management, chain of custody, forensics, event analysis, and hands on cyber security skills are essential.
**Your key responsibilities**
+ Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
+ Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties
+ Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
+ Help lead small to medium sized projects as directed by leadership
+ Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company's incident response plan
+ As requested, develop and deliver metrics to leadership
+ Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
+ Own and manage the teams internal action playbooks and knowledgebase
+ Must be willing to be on-call off-hours in rotation with other team members (Required)
**Skills and attributes for success**
+ Resolution of security incidents by validating root cause and solutions
+ Analyze findings in investigative matters, and develop fact-based reports
+ Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
+ Demonstrated integrity and judgment within a professional environment
+ Inquisitive approach to analysis and peer review
+ Application of emotional intelligence and calm under pressure
+ Ability to appropriately balance work/personal priorities
**To qualify for the role, you must have**
**Education:**
+ Bachelors or Masters Degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience
**Experience:**
+ 7+ years' experience in at least two of the following roles:
+ Member of a Security Operations Center (SOC)
+ Security Incident Response Analyst or supporting function (2 years minimum)
+ eDiscovery or related role performing forensic functions
+ Deep understanding of security threats, vulnerabilities, and incident response
+ Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
+ Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
+ Understanding of regulatory stipulations regarding security incidents
+ Experience with SIEM technologies (i.e. Splunk)
+ Deep understanding of both Windows and Unix/Linux based operating systems
**Ideally, you'll also**
+ Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISA, CISM, CISSP, or CCIM
**What we look for**
+ Demonstrated integrity in a professional environment
+ Ability to work independently
+ Have a global mind-set for working with different cultures and backgrounds
+ Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
+ Excellent organizational skills and strong attention to detail
+ Excellent teaming skills
+ Excellent social, communication, and writing skills
+ Excellent customer service skills required
**What we offer you**
The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary ranges. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more .
+ We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $124,400 to $32,700. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 149,300 to 264,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
+ Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
+ Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
**Are you ready to shape your future with confidence? Apply today.**
EY accepts applications for this position on an on-going basis.
For those living in California, please click here for additional information.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
**EY | Building a better working world**
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law?
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at .
We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
**EY Technology:**
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
**Client Technology (CT)** - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
**Enterprise Workplace Technology (EWT)** - EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
**Information Security (InfoSec)** - InfoSec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
**The opportunity**
The Cyber & Investigative Services (CIS) Incident Coordinator will exercise strong incident management techniques to coordinate security incident response to cybersecurity events or incidents stemming from suspected threats. Candidates for the role must have a strong comprehension of incident response plans and coordination of activities, work well with others, and have strong verbal and written communication skills. Including, a sense of diplomacy, ability to anticipate obstacles, and decision-making skills to handle the fast-paced world of incident management. Foundational skills in incident response, incident management, chain of custody, forensics, event analysis, and hands on cyber security skills are essential.
**Your key responsibilities**
+ Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
+ Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties
+ Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
+ Help lead small to medium sized projects as directed by leadership
+ Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company's incident response plan
+ As requested, develop and deliver metrics to leadership
+ Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
+ Own and manage the teams internal action playbooks and knowledgebase
+ Must be willing to be on-call off-hours in rotation with other team members (Required)
**Skills and attributes for success**
+ Resolution of security incidents by validating root cause and solutions
+ Analyze findings in investigative matters, and develop fact-based reports
+ Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
+ Demonstrated integrity and judgment within a professional environment
+ Inquisitive approach to analysis and peer review
+ Application of emotional intelligence and calm under pressure
+ Ability to appropriately balance work/personal priorities
**To qualify for the role, you must have**
**Education:**
+ Bachelors or Masters Degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience
**Experience:**
+ 7+ years' experience in at least two of the following roles:
+ Member of a Security Operations Center (SOC)
+ Security Incident Response Analyst or supporting function (2 years minimum)
+ eDiscovery or related role performing forensic functions
+ Deep understanding of security threats, vulnerabilities, and incident response
+ Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
+ Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
+ Understanding of regulatory stipulations regarding security incidents
+ Experience with SIEM technologies (i.e. Splunk)
+ Deep understanding of both Windows and Unix/Linux based operating systems
**Ideally, you'll also**
+ Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISA, CISM, CISSP, or CCIM
**What we look for**
+ Demonstrated integrity in a professional environment
+ Ability to work independently
+ Have a global mind-set for working with different cultures and backgrounds
+ Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
+ Excellent organizational skills and strong attention to detail
+ Excellent teaming skills
+ Excellent social, communication, and writing skills
+ Excellent customer service skills required
**What we offer you**
The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary ranges. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more .
+ We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $124,400 to $32,700. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 149,300 to 264,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
+ Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
+ Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
**Are you ready to shape your future with confidence? Apply today.**
EY accepts applications for this position on an on-going basis.
For those living in California, please click here for additional information.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
**EY | Building a better working world**
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law?
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at .
View Now
3
Manager, Security Incident Response Operations
10176 New York, New York
Autodesk
Posted 21 days ago
Job Viewed
Job Description
**Job Requisition ID #**
25WD88255
**Position Overview**
_Autodesk's mission is to empower everyone, everywhere to design and make anything. We secure it._
Autodesk's Security Incident Response department is growing, building a senior team of security analysts in the United States. They participate in a broader security organization, geographically load balanced across the US, EMEA, and India, and lead security investigations across our expansive global footprint.
As a Security Incident Response Manager, you will drive the strategic and operational excellence of our incident response capabilities. You will lead a team of talented security professionals through critical, high-impact investigations. As a recognized Splunk master, you will be responsible for constructing intricate queries to unify data streams from diverse telemetry sources, identifying and tracking IOCs to their root cause. Your experience in building effective data paths from telemetry generating services to SIEM/SOAR systems will empower your team to respond to incidents swiftly and decisively.
**Responsibilities**
+ **Team Leadership & Development** : Manage and mentor a domestic team of security analysts dedicated to incident detection, response, and remediation. Develop training programs and career development initiatives to grow junior personnel
+ **Incident Response Oversight:** Coordinate and lead the investigation, containment, and resolution of security incidents, ensuring timely responses and accurate root cause analyses
+ **Splunk Expertise:** Leverage your advanced Splunk skills to build and optimize queries that integrate multiple data sources, driving actionable intelligence from complex security events
+ **Telemetry Integration:** Design and implement robust data pipelines, linking telemetry sources to our SIEM/SOAR systems to enhance real-time monitoring and detection capabilities
+ **Collaboration & Communication:** Liaise with cross-functional teams across Autodesk to deliver comprehensive incident reporting and strategic guidance during high-severity incidents
+ **Continuous Improvement:** Proactively research emerging threats, refine incident response procedures, and deploy innovative solutions to elevate our security posture
**Minimum Qualifications**
+ **Experience:** Minimum of 5+ years in security operations and incident response, including 2+ years in a managerial role. Proven success in leading high-performing, global or 24/7 security operations teams under high-pressure conditions is essential
+ **Technical Skills:** Advanced proficiency with Splunk, with demonstrated expertise in designing and executing intricate queries that integrate and analyze data from diverse sources. A proven track record in optimizing SIEM environments, including automating detection workflows and building effective telemetry pipelines, is highly valued
+ **Operational Expertise:** Extensive experience in telemetry integration and managing the complete incident lifecycle-from initial detection to root cause analysis and remediation. Familiarity with incident response frameworks, threat detection methodologies, and advanced forensics techniques is required to drive continuous improvement and operational excellence. Work closely with our Detections Engineering team to help tune Risk Based alerts post investigation
+ **Soft Skills:** Exceptional leadership, communication, and strategic thinking skills. A successful candidate will be an inspiring mentor capable of cultivating a collaborative team culture, articulating complex security concepts to both technical and non-technical stakeholders, and steering cross-functional initiatives
+ **Cloud Agnostic:** Comprehensive knowledge of cloud security operations across Azure, AWS, and GCP. Experience in configuring and integrating security tools in hybrid or multi-cloud environments is essential to maintain robust security postures across diverse platforms
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Benefits**
From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work. Learn more about our benefits in the U.S. by visiting transparency**
Salary is one part of Autodesk's competitive compensation package. For U.S.-based roles, we expect a starting base salary between $140,100 and $226,600. Offers are based on the candidate's experience and geographic location, and may exceed this range. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Equal Employment Opportunity**
At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).
25WD88255
**Position Overview**
_Autodesk's mission is to empower everyone, everywhere to design and make anything. We secure it._
Autodesk's Security Incident Response department is growing, building a senior team of security analysts in the United States. They participate in a broader security organization, geographically load balanced across the US, EMEA, and India, and lead security investigations across our expansive global footprint.
As a Security Incident Response Manager, you will drive the strategic and operational excellence of our incident response capabilities. You will lead a team of talented security professionals through critical, high-impact investigations. As a recognized Splunk master, you will be responsible for constructing intricate queries to unify data streams from diverse telemetry sources, identifying and tracking IOCs to their root cause. Your experience in building effective data paths from telemetry generating services to SIEM/SOAR systems will empower your team to respond to incidents swiftly and decisively.
**Responsibilities**
+ **Team Leadership & Development** : Manage and mentor a domestic team of security analysts dedicated to incident detection, response, and remediation. Develop training programs and career development initiatives to grow junior personnel
+ **Incident Response Oversight:** Coordinate and lead the investigation, containment, and resolution of security incidents, ensuring timely responses and accurate root cause analyses
+ **Splunk Expertise:** Leverage your advanced Splunk skills to build and optimize queries that integrate multiple data sources, driving actionable intelligence from complex security events
+ **Telemetry Integration:** Design and implement robust data pipelines, linking telemetry sources to our SIEM/SOAR systems to enhance real-time monitoring and detection capabilities
+ **Collaboration & Communication:** Liaise with cross-functional teams across Autodesk to deliver comprehensive incident reporting and strategic guidance during high-severity incidents
+ **Continuous Improvement:** Proactively research emerging threats, refine incident response procedures, and deploy innovative solutions to elevate our security posture
**Minimum Qualifications**
+ **Experience:** Minimum of 5+ years in security operations and incident response, including 2+ years in a managerial role. Proven success in leading high-performing, global or 24/7 security operations teams under high-pressure conditions is essential
+ **Technical Skills:** Advanced proficiency with Splunk, with demonstrated expertise in designing and executing intricate queries that integrate and analyze data from diverse sources. A proven track record in optimizing SIEM environments, including automating detection workflows and building effective telemetry pipelines, is highly valued
+ **Operational Expertise:** Extensive experience in telemetry integration and managing the complete incident lifecycle-from initial detection to root cause analysis and remediation. Familiarity with incident response frameworks, threat detection methodologies, and advanced forensics techniques is required to drive continuous improvement and operational excellence. Work closely with our Detections Engineering team to help tune Risk Based alerts post investigation
+ **Soft Skills:** Exceptional leadership, communication, and strategic thinking skills. A successful candidate will be an inspiring mentor capable of cultivating a collaborative team culture, articulating complex security concepts to both technical and non-technical stakeholders, and steering cross-functional initiatives
+ **Cloud Agnostic:** Comprehensive knowledge of cloud security operations across Azure, AWS, and GCP. Experience in configuring and integrating security tools in hybrid or multi-cloud environments is essential to maintain robust security postures across diverse platforms
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Benefits**
From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work. Learn more about our benefits in the U.S. by visiting transparency**
Salary is one part of Autodesk's competitive compensation package. For U.S.-based roles, we expect a starting base salary between $140,100 and $226,600. Offers are based on the candidate's experience and geographic location, and may exceed this range. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Equal Employment Opportunity**
At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).
View Now
4
Lead Incident Response Analyst
14266 Buffalo, New York
M&T Bank
Posted 3 days ago
Job Viewed
Job Description
Lead Cyber Incident Response Analyst
This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.
At M&T Bank, cybersecurity isn't just a functionit's a mission-critical pillar of trust and resilience. As a Lead Cyber Incident Response Analyst, you'll be at the forefront of defending a top 20 U.S. bank's digital infrastructure, working with a team that values precision, collaboration, and innovation.
What You'll Do:
- Lead the response to complex cyber incidents, coordinating across threat intelligence, detection, and engineering teams - establishing relationships with business and technology leaders throughout the enterprise.
- Develop and refine incident response playbooks and automation strategies.
- Mentor junior analysts and contribute to the continuous improvement of detection and response capabilities.
- Collaborate with cross-functional teams to ensure alignment with enterprise risk and compliance frameworks.
- Consult on various aspects and impacts of technical threats to risk and business partners.
What You'll Gain:
- Career Growth: M&T is deeply committed to internal mobility and professional development, offering access to leadership training, certifications, and mentorship programs.
- Impactful Work: Your contributions will directly influence the bank's ability to protect millions of customers and maintain regulatory excellence.
- Determine root cause, scope of impact, and identify novel indicators of compromise or attack patterns of cybersecurity incidents through in-depth analysis and forensic investigation of incidents.
- Contribute to refining and updating incident response plans based on lessons learned from previous incidents and industry best practices, ensuring they align with regulatory requirements.
- Identify and recommend proactive measures to prevent future incidents, such as implementing security controls, making recommendations to technical security training, and assessing risk based on technical controls and potential impact.
- Suggest avenues to advance investigation steps during an incident, contributing to effective and swift resolution of incident.
- Partner with appropriate stakeholders to implement effective measures to contain and neutralize threats during incidents.
- Lead interdepartmental teams to apply lessons learned to proactively implement measures that prevent future incidents.
- Maintain detailed incident logs, including analysis and response activities, to support post-incident reviews, compliance requirements, and continuous improvement efforts and provide a reference for the future.
- Provide clear and concise updates to stakeholders and management teams, including executive summaries, impact assessments, and recommendations for ongoing improvements to the incident response process.
- Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.
- Promote an environment that supports belonging and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
- The position exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results and exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
- Primarily partners with individual contributors and people leaders from all business lines, up to directors and EVPs in business lines.
- Subject matter expert on multiple Cybersecurity platforms, applications, and tools within team.
- Leads documentation and execution of intermediate remediation plans that typically last between 1-2 months.
- Leads large scale investigations and engagements across all business lines of the Bank.
No supervisory responsibilities.
Education and Experience Required:- Bachelor's degree and a minimum of 5 years' relevant work experience, inclusive of 2 years' Cybersecurity incidence response work experience, or in lieu of a degree, a combined minimum of 9 years' higher education and/or work experience, including a minimum of 5 years' relevant work experience, inclusive of a minimum of 2 years' Cybersecurity incident response work experience.
- Advanced understanding of multiple Cybersecurity platforms, applications, and tools within team.
- Prior experience remaining composed and solving problems in high stress situations.
- Excellent verbal and written communication skills.
- Excellent interpersonal skills.
- Experience partnering with leaders to design solutions to business needs.
- Ability to influence incident response efforts inside and outside of Technology by leveraging project management principles, setting clear expectations, and escalating when appropriate.
- Ability to gain buy-in, related to incident response, of teams across the Bank through communicating priorities and risk.
- Prior experience prioritizing and delivering results across changing priorities and quickly changing landscape based on business and technology needs.
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $110,635.01 - $184,391.68 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
Location: Buffalo, New York, United States of America
View Now
5
Incident Response & Forensics Analyst
10261 New York, New York
V Group
Posted 6 days ago
Job Viewed
Job Description
Direct message the job poster from V Group Inc.
Recruiting for NY - MTA, VITA, State of NC, SC, MI, MS, TN at V GroupJob Title: Incident Response & Forensics Analyst
Duration: 6+ Months
Location: Remote with Occasional visit to NYC
Position Type: Contract
Interview Type: In-person or Webcam
Ceipal ID: MTA_SECU653_MA
Job ID: 4653-1
*PLEASE NOTE THIS POSITION WILL ALLOW CONSULTANT TO WORK REMOTELY. HOWEVER, AS A Security Threat Intelligence, DUTIES WILL OCCASIONALLY NECESSITATE CONSULTANT TO WORK ONSITE. THEREFORE, WILL BE CRITICAL FOR THE CONSULTANT TO BE LOCAL TO NYC AND ABLE TO TRAVEL TO OUR OFFICE WITHOUT ISSUE, AS NEEDED (AT THEIR OWN EXPENSE).
The Metropolitan Transportation Authority (MTA) is seeking a highly technical Incident Response & Forensics Specialist. This position is a part of the IT Threat Intelligence group within the Cyber Security Operations Center and will be expected to provide direct support to the 24/7 Cyber Security Monitoring group as needed. The responsibilities include, but are not limited to, the following:
- Serving as a primary point of contact for MTA CSOC & MSSP Cybersecurity Incident escalations
- Interfaces directly with vendors & third parties for notified/observed compromises
- Forensics on memory, disks, and logs
- Malware analysis (dynamic & static)
- Involvement in full incident response lifecycle
- Processes evidence in accordance with Chain of Custody
- Creates Incident reports to brief to executive management
- Provide recommendations to prevent similar incidents
- Assist the Threat Intelligence group in other functions including Threat Readiness
Skills:
- Excellent communication skills
- Strong experience with digital forensic tools
- Strong understanding and analysis of code such as Powershell, PERL, Python
- Cybersecurity certifications (preferred)
- Experience with OT & PCI technologies (preferred)
- Bachelor's degree in Computer Science, Information Services, or IT Security related field Or- A satisfactory equivalent with at least 3 years of IT-Security experience.
- Minimum of 3 years of experience Tier 1 & 2 support for cyber security operation center.
- Minimum of 3 years experience with performing incident response functions & investigations
V Group Inc. is an IT Services company which supplies IT staffing, project management, and delivery services in software, network, help desk and all IT areas. Our primary focus is the public sector including state and federal contracts.
#J-18808-Ljbffr
View Now
Be The First To Know
About the latest Global security operations center world trade center Jobs in New York !
6
Associate Attorney - Incident Response
10261 New York, New York
Stott and May
Posted 6 days ago
Job Viewed
Job Description
Job Title: Incident Response Associate Attorney (26 Years of Experience)
Location: 100% Remote (U.S.-based)
Compensation Range: $140,000 $220,000, commensurate with experience
Practice Area: Cybersecurity & Data Privacy
About the Firm
Join a leading global law firm with a robust presence across 45+ offices spanning North America, Europe, Latin America, Asia-Pacific, and the Middle East. With a deep bench of experienced attorneys and cross-border resources, the firm is consistently recognized for its expertise in complex regulatory, litigation, and advisory work. The Cyber & Data Privacy team is highly ranked for its agile response to data breaches and cyber incidents of all sizes across a variety of industries.
Position Overview
We are seeking an associate attorney with 26 years of relevant experience to join our dynamic and growing Cyber Incident Response team. This is a fully remote position open to candidates located within the United States.
The ideal candidate will have direct experience advising clients through cybersecurity incidents and regulatory investigations. Candidates from both private practice and in-house legal departments are encouraged to apply.
Responsibilities
Act as breach counsel in response to cybersecurity incidents involving ransomware, business email compromise, and other network intrusions.
Manage and coordinate incident response efforts involving forensic firms, insurers, PR teams, and other third-party vendors.
Advise clients on regulatory notification obligations and coordinate filings with state, federal, and international authorities.
Support clients with post-incident remediation, litigation exposure, and regulatory inquiries (e.g., FTC, SEC, state AGs).
Work closely with global colleagues to ensure a consistent and strategic approach to cross-border data breach management.
Draft incident response documentation, client alerts, and related materials.
Qualifications
J.D. from an accredited law school and active bar membership in at least one U.S. jurisdiction.
26 years of legal experience, with a focus on data breach response, cybersecurity law, or privacy-related matters.
Strong understanding of state data breach laws, GDPR/UK GDPR, HIPAA, and industry regulations such as GLBA or NYDFS.
Excellent communication, organizational, and client-relations skills.
Experience in high-pressure environments managing multiple stakeholders.
Familiarity with cyber insurance frameworks is a plus.
Why Join Us?
Work remotely with autonomy while being part of a collaborative global network.
Engage with high-profile clients across industries including finance, healthcare, retail, and technology.
Be part of a premier, international Cyber & Data Privacy practice with opportunities for career development and cross-border work.
Competitive compensation and comprehensive benefits package.
#J-18808-Ljbffr
View Now
7
Incident Response & Forensics Specialist
10261 New York, New York
Axelon
Posted 6 days ago
Job Viewed
Job Description
Incident Response & Forensics Specialist
Mostly remote, close proximity to NYC Metro Region required. The client is seeking a highly technical Incident Response & Forensics Specialist. This position is a part of the IT Threat Intelligence group within the Cyber Security Operations Center and will be expected to provide direct support to the 24/7 Cyber Security Monitoring group as needed. The responsibilities include.
View Now
8
Cyber Incident Response Attorney
10261 New York, New York
Wilson Elser
Posted 6 days ago
Job Viewed
Job Description
Wilson Elser is a leading defense litigation law firm with more than 1300 attorneys in 43 offices throughout the United States. Founded in 1978, we rank among the top 100 law firms identified by The American Lawyer and 36 in the National Law Journal's survey of the nation's largest law firms. We're also Mansfield Certified Plus.
Our firm is committed to attracting and retaining professionals who value each other and the service we provide by embracing Teamwork, Collaboration, Client Service, and Innovation. If you are a motivated professional looking for a long-term fit where you can grow in a role, and will be valued and empowered, then we invite you to apply to our Cyber Incident Response Associate Attorney position in our New York City office.
This position offers a flexible, hybrid working arrangement.
The Position
This is a excellent opportunity for cybersecurity attorneys who are eager to advance their careers and take on significant, substantive responsibilities in defending complex cybersecurity-related cases.
Key Responsibilities:
Salary Range:
$125,000-$175,000 USD
Why Should You Apply?
Wilson Elser welcomes submissions of candidates for our open positions exclusively from recruitment agencies with an active, signed fee agreement who have been granted access to a position through our dedicated Recruitment Agency Portal. We are unable to consider submissions from recruitment agencies without a current (dated as of 7/1/2024) agreement in place. We appreciate your understanding. For collaboration inquiries or to establish an agreement, please contact us at
We believe in creating a work environment free of barriers and bias, where individual outlooks and talents are respected and valued. Our firm's policy is to ensure an equal employment opportunity without discrimination or harassment based on race, color, national origin, religion, age, sex, disability, citizenship, marital status, sexual orientation or any other characteristic protected by the law.
Our firm is committed to attracting and retaining professionals who value each other and the service we provide by embracing Teamwork, Collaboration, Client Service, and Innovation. If you are a motivated professional looking for a long-term fit where you can grow in a role, and will be valued and empowered, then we invite you to apply to our Cyber Incident Response Associate Attorney position in our New York City office.
This position offers a flexible, hybrid working arrangement.
The Position
This is a excellent opportunity for cybersecurity attorneys who are eager to advance their careers and take on significant, substantive responsibilities in defending complex cybersecurity-related cases.
Key Responsibilities:
- Incident response for cybersecurity and data privacy incidents
- Analysis of state, federal, and international privacy laws
- Drafting legal notices of a data breach to individuals and regulators
- Responding to regulatory investigations arising out of a data breach
- Defending privacy lawsuits
- Drafting privacy and security policies and procedures pursuant to HIPAA, GLBA, CCPA, and other statutes
- Triaging data breaches/incident response
- Advising clients on handling cybersecurity incident from start to finish
- Advising clients on legal notification obligations under State/Federal laws
- Drafting breach notification letters to individuals and State/Federal Regulators
- Drafting Crisis Communications for clients
- Responding to inquiries and investigations by State/Federal Regulators
- Interfacing with clients
- Drafting reports to insurance carriers and clients
- JD from an accredited Law School
- Must be admitted to Bar in good standing
- 2+ years legal experience
- 2+ years of experience in data privacy and security, with particular focus on data breach and incident response
- Strong knowledge of data breach and privacy laws (HIPAA, GLBA, FERPA, CCPA, GDPR, etc.)
- IT or technical background a plus
- Some litigation experience is a plus
- Excellent research, writing, and communication skills (Lexis and Westlaw)
- Ability to work in a fast-paced environment
- Team player
Salary Range:
$125,000-$175,000 USD
Why Should You Apply?
- Flexibility: Remote and hybrid work arrangements to support work-life blend
- Benefits: Outstanding benefits package, including 401k match and generous PTO plan
- Career Growth: Ample opportunities for professional development and advancement
- Employee Perks: Access to corporate discount plans and other benefits
Wilson Elser welcomes submissions of candidates for our open positions exclusively from recruitment agencies with an active, signed fee agreement who have been granted access to a position through our dedicated Recruitment Agency Portal. We are unable to consider submissions from recruitment agencies without a current (dated as of 7/1/2024) agreement in place. We appreciate your understanding. For collaboration inquiries or to establish an agreement, please contact us at
We believe in creating a work environment free of barriers and bias, where individual outlooks and talents are respected and valued. Our firm's policy is to ensure an equal employment opportunity without discrimination or harassment based on race, color, national origin, religion, age, sex, disability, citizenship, marital status, sexual orientation or any other characteristic protected by the law.
View Now
9