Job Description

Junior SOC Analyst with Banking industry

12+ months contract

US citizen

Onsite in New York City 10019

With potential for hybrid

Interview Mode: Video and final in-person interview required (locals only in NY/NJ/CT)

****Update: they want a Junior candidate 3-5 years experience and must have banking industry experience

Summary :
The Cybersecurity Incident Response Junior Analyst plays a pivotal role in safeguarding the Bank's digital assets by identifying, investigating, and mitigating cybersecurity incidents in accordance with internal and regulatory requirements. The ideal candidate will possess a foundation in governance, strong technical background, sound analytical thinking, and a deep understanding of the threat landscape. This is a hands-on role requiring collaboration across the enterprise.



Key Responsibilities:

Incident Detection and Response
o Support firm's follow the sun processes ensuring continuous security monitoring of global networks
o Monitor alerts from security platforms (incl. SIEM, Phishing, DLP, Threat Intelligence, etc.) and escalations from users, management, and SOC to effectively respond to anomalous and/or malicious activities.
o Triage and prioritize events and incidents based on severity, impact, and scope.
o Conduct root cause analysis and lead containment, eradication, and recovery efforts.
o Analyze host-based and network-based artifacts and logs to reconstruct timelines
o Proactively search for indicators of compromise (IOCs) across systems and networks
o Collect and preserve evidence from endpoints, servers, and logs in a legally defensible manner.
o Continuously monitor threat intelligence and open-source advisories to proactively identify and respond to emerging threats.
o Correlate with threat intelligence to contextualize findings and steer investigations
Governance, Risk, and Compliance (GRC) Support
o Ensure all incident response practices and activities align with internal security policies, procedures, runbooks, and regulatory mandates.
o Support assessments, audit, and regulatory examinations by maintaining and providing incident-related evidence and documentation.
o Maintain thorough and complete documentation of all actions taken during incident response activities in accordance with policies and established incident response playbooks.
o Maintain policies, procedures, and playbooks related to incident response.

Reporting & Metrics
o Generate weekly and monthly reports and dashboards tailored for both technical and executive audiences.
o Communicate business impact of CSIRT activities in a clear, risk-aligned manner.
o Define, maintain, and report metrics, KPIs, and KRIs to measure program performance, risks, effectiveness, and compliance
Collaboration and Communication
o Coordinate analysis and response efforts to security incidents, ensuring minimal impact and quick recovery
o Work closely with technology, legal, compliance, and risk teams during major incidents
o Act as an SME during post-incident reviews and contribute to incident reports
o Maintain open communication with senior leadership and provide ongoing status updates
Process and Technology Optimization
o Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities.
o Collaborate with service providers and vendors on tool enhancements and issue resolution.
o Fine-tune detection rules to reduce false positives and improve fidelity.
Continuous Improvement
o Conduct post-mortem reviews and contribute to lessons learned
o Maintain awareness of the evolving threat landscape and disseminate knowledge internally.
o Proactively identify gaps or inefficiencies in CSIRT policies, procedures, processes, and playbooks.
o Participate in cross-functional tabletop exercises and red/blue team simulations

Core Competencies
o Ability to analyze, prioritize, and manage security incidents effectively.
o Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision.
o Awareness of latest Information Security risks.
o Comfort working in a highly global, diverse, and hybrid (office and virtual) work environment.
o Strong technology, information security, and analysis skills.
o Strong communication and documentation skills.
o Knowledge of business, regulatory, and compliance requirements in the financial services industry

Tools: SIEM, Data Loss Prevention(DLP), Endpoint Detection Response (EDR)

Job Tags

Similar Jobs