Role: Senior Cybersecurity Incident Response Analyst Location: New York, NY (5 days Onsite) Duration: 6 Months to Start with Job Description: The Cybersecurity Incident Response Senior Analyst plays a pivotal role in safeguarding the Bank’s digital assets by identifying, investigating, and mitigating cybersecurity incidents in accordance with internal and regulatory requirements. The ideal candidate will possess a foundation in governance, strong technical background, sound analytical thinking, and a deep understanding of the threat landscape. This is a hands-on role requiring collaboration across the enterprise. Key Responsibilities Incident Detection and Response • Support firm’s follow the sun processes ensuring continuous security monitoring of global networks • Monitor alerts from security platforms (incl. SIEM, Phishing, DLP, Threat Intelligence, etc.) and escalations from users, management, and SOC to effectively respond to anomalous and/or malicious activities. • Triage and prioritize events and incidents based on severity, impact, and scope. • Conduct root cause analysis and lead containment, eradication, and recovery efforts. • Analyze host-based and network-based artifacts and logs to reconstruct timelines • Proactively search for indicators of compromise (IOCs) across systems and networks • Collect and preserve evidence from endpoints, servers, and logs in a legally defensible manner. • Continuously monitor threat intelligence and open-source advisories to proactively identify and respond to emerging threats. • Correlate with threat intelligence to contextualize findings and steer investigations Governance, Risk, and Compliance (GRC) Support • Ensure all incident response practices and activities align with internal security policies, procedures, runbooks, and regulatory mandates. • Support assessments, audit, and regulatory examinations by maintaining and providing incident-related evidence and documentation. • Maintain thorough and complete documentation of all actions taken during incident response activities in accordance with policies and established incident response playbooks. • Maintain policies, procedures, and playbooks related to incident response. Reporting & Metrics • Generate weekly and monthly reports and dashboards tailored for both technical and executive audiences. • Communicate business impact of CSIRT activities in a clear, risk-aligned manner. • Define, maintain, and report metrics, KPIs, and KRIs to measure program performance, risks, effectiveness, and compliance Collaboration and Communication • Coordinate analysis and response efforts to security incidents, ensuring minimal impact and quick recovery • Work closely with technology, legal, compliance, and risk teams during major incidents • Act as an SME during post-incident reviews and contribute to incident reports • Maintain open communication with senior leadership and provide ongoing status updates Process and Technology Optimization • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities. • Collaborate with service providers and vendors on tool enhancements and issue resolution. • Fine-tune detection rules to reduce false positives and improve fidelity. Continuous Improvement • Conduct post-mortem reviews and contribute to lessons learned • Maintain awareness of the evolving threat landscape and disseminate knowledge internally. • Proactively identify gaps or inefficiencies in CSIRT policies, procedures, processes, and playbooks. • Participate in cross-functional tabletop exercises and red/blue team simulations Core Competencies • Ability to analyze, prioritize, and manage security incidents effectively. • Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision. • Awareness of latest Information Security risks. • Comfort working in a highly global, diverse, and hybrid (office and virtual) work environment. • Strong technology, information security, and analysis skills. • Strong communication and documentation skills. • Knowledge of business, regulatory, and compliance requirements in the financial services industry