Cyber Incident Response Manager
A leading and well-respected Challenger Bank in Edinburgh are recruiting for a Cyber Incident Response Manager.
Define and implement an effective, intelligence-led attack monitoring framework, driving the delivery of the monitoring, gathering, analysis, correlation, dissemination and remediation of indicators of cyber-attack.
Develop and maintain a baseline of the tools the bank will use for anomaly detection.
Manage intelligence and event collection, analysis and reporting.
Developing and managing a Cyber Response Plan using appropriate incident management tools and processes.
Overall accountability for first line incident handling, including call handling, triage, first pass analysis, and resolution or escalation to the right cyber security resolver team.
Responsible for the bank's deployment of a range of cyber protection and response tools, including the areas of monitoring, detection, analysis, incident management and mitigation to defeat cyber-attacks.
Management of incident review and reporting on ticket resolution and KPIs.
Support the investigation of cyber security incidents across the organisation.
Providing digital forensic investigation capabilities and expertise to support security incidents.
Identify the root cause of a security incident.
Detect, contain and provide initial meaningful analysis of malware affecting the organisation.
A keen analytical mind-set, coupled with demonstrable operational experience with incident management and data analysis toolsets, ideally in a financial services environment.
Experience with security services such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), firewall logs, system logs, web logs, application logs and Security Information and Event Management (SIEM) systems.
One or more certifications such as CISSP, CEH, ITIL V3 and SANS.