Sr. Cybersecurity Incident Response Analyst

Sr. Cybersecurity Incident Response Analyst

12+ Months contract with potential for extension

Interview Mode: Video and In-person. (Must be local to New York, New Jersey)

Client: Investment Banking industry experience preferred. Candidates that come out of banking will be given first preference

Summary:

The Cybersecurity Incident Response Senior Analyst plays a pivotal role in safeguarding the client's digital assets by identifying, investigating, and mitigating cybersecurity incidents in accordance with internal and regulatory requirements. The ideal candidate will possess a foundation in governance, strong technical background, sound analytical thinking, and a deep understanding of the threat landscape. This is a hands-on role requiring collaboration across the enterprise.

Key Responsibilities

Incident Detection and Response

Support firm's follow the sun processes ensuring continuous security monitoring of global networks

Monitor alerts from security platforms (incl. SIEM, Phishing, DLP, Threat Intelligence, etc.) and escalations from users, management, and SOC to effectively respond to anomalous and/or malicious activities.

Triage and prioritize events and incidents based on severity, impact, and scope.

Conduct root cause analysis and lead containment, eradication, and recovery efforts.

Analyze host-based and network-based artifacts and logs to reconstruct timelines

Proactively search for indicators of compromise (IOCs) across systems and networks

Collect and preserve evidence from endpoints, servers, and logs in a legally defensible manner.

Continuously monitor threat intelligence and open-source advisories to proactively identify and respond to emerging threats.

Correlate with threat intelligence to contextualize findings and steer investigations

Governance, Risk, and Compliance (GRC) Support

Ensure all incident response practices and activities align with internal security policies, procedures, runbooks, and regulatory mandates.

Support assessments, audit, and regulatory examinations by maintaining and providing incident-related evidence and documentation.

Maintain thorough and complete documentation of all actions taken during incident response activities in accordance with policies and established incident response playbooks.

Maintain policies, procedures, and playbooks related to incident response.

Reporting & Metrics

Generate weekly and monthly reports and dashboards tailored for both technical and executive audiences.

Communicate business impact of CSIRT activities in a clear, risk-aligned manner.

Define, maintain, and report metrics, KPIs, and KRIs to measure program performance, risks, effectiveness, and compliance

Collaboration and Communication

Coordinate analysis and response efforts to security incidents, ensuring minimal impact and quick recovery

Work closely with technology, legal, compliance, and risk teams during major incidents

Act as an SME during post-incident reviews and contribute to incident reports

Maintain open communication with senior leadership and provide ongoing status updates