03 Sep
Cyber Security Operations Team Lead
Salt Lake City, Utah, 84101, USA

Vacancy expired!

BE PART OF A BANK LIKE NO OTHER.

When you work with the world's most innovative companies, you know you're making a difference. Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work. They come to SVB for our expertise, deep network and 30+ years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business. Join us at SVB and be part of bringing our clients' world-changing ideas to life.

At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.

Job Description

Position Summary:

Protect SVB by providing timely response to Cybersecurity threats, incidents, and requests for investigation utilizing industry leading tools and practices. Develop playbooks and automation for repeatable tasks to speed the investigation of and provide accurate and consistent response to security events. Provide expert forensic analysis to support investigations and regulatory requests from SVB business units. This position will lead a team of cybersecurity professionals in their day-to-day work detecting and responding to cyber security events and assisting them in career development and growth. This position reports to the manager of Cyber Security Operations and is responsible for maintaining a library of detection and response runbooks.

This position is an expert in many cyber security domains and assists and trains analysts and works with them to complete complex investigations and drives continuous improvement for the team. This position works both independently and as a leader on collaborative teams to accomplish complex projects. This position will maintain metrics on cyber security events and prepare post-incident communications and reports. This position contributes to Cyber Security Operations policies and procedures. This position defines and leads projects in support of security detection and response, strategy and process. This position may be required to testify in court if necessary. This position may participate in an on-call rotation.

Knowledge:

- Legal and regulatory requirements for financial services
- Leadership principles
- Log analysis and forensic investigation
- Cyber security policies, standards, procedures, and processes
- A wide variety of enterprise wide IT systems such as operating systems, directory services, cloud services, mobile device management, virtualization, network devices, network protocols, web servers, databases, firewalls, etc.
- Host and memory forensics on Windows, Mac and Linux operating systems
- Advanced log analysis
- How threat actors target, exploit and behave within a compromised network
- How systems get infected and common malware behavior
- Cybersecurity Threat Intelligence (CTI) and Indicators of Compromise (IoCs)
- Amazon Web Services and Azure logging methods

Skills:

- Demonstrate group and project leadership skills
- Lead incident response and/or computer forensics investigations
- Support other investigations (HR, Legal, compliance, regulator requests, etc.)
- Communication proficiency, oral and written
- Document investigative and research findings
- Coordinate efforts among legal, human resources, corporate compliance, law enforcement, and outside information security emergency handling agencies
- Investigate account take over and other attacks against web based services
- Review alerts and log data from a wide variety of sources
- Evaluate operating system logs, application logs, firewall, IPS, sand boxing, host security, network devices, vulnerability management, DLP, network forensics, etc.
- Complete forensic investigations of hosts, mobile devices, memory, etc.
- Hunt for security events using large data sets
- Collect and preserve evidence following industry best practices and established procedures
- Lead gap assessments, upgrade paths, bug fixes and necessary workarounds for new IT security issues

Required Education and Experience:

- Bachelor's Degree with major in Computer Science, Cyber Security, Engineering, or related field
- Five or more years of experience in incident response, computer forensics, or security engineering. Some technical, IT, or digital investigative experience will be considered in meeting this requirement
- Outstanding collaboration, problem-solving and negotiation skills
- Proven strategic thinking skills to solve complex enterprise and business challenges
- Proven ability to lead cyber security teams
- Management of cybersecurity cases and incidents
- Writing of enterprise policies, standards, procedures, processes, and runbooks

Preferred Education and Experience:

- Master's Degree in a relevant subject
- Scripting using Python or Powershell
- Security Information and Event Management (SIEM)
- Log management and log analysis
- Cyber security case management
- Endpoint security tools such as: antivirus, data loss prevention, endpoint detection and response, forensic analysis, etc.
- Vulnerability management
- Host and memory forensics on Windows, Mac and Linux based computers
- Cloud infrastructures such as AWS or Azure

Preferred Certifications:

- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Splunk Enterprise Certified Admin
- AWS Certified Security - Specialty
- Certified Forensic Computer Examiner (CFCE)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- CompTIA Advanced Security Practitioner (CASP)
- GIAC Security Expert (GSE)
- Certified Ethical Hacker or Computer Security Incident Handler (CSIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Advanced Network Forensics (GNFA)
- GIAC Intrusion Detection (GCIA)
- GIAC Security Essentials (GSEC)
- Project Management Professional (PMP)
- Systems Security Certified Practitioner (SSCP)
- CompTIA (Security+)
- EnCase Certified Examiner (EnCE)
- Access Data Certified Examiner (ACE)

For more than 35 years, SVB Financial Group (NASDAQ: SIVB) and its subsidiaries have helped innovative companies and their investors move bold ideas forward, fast. SVB Financial Group's businesses, including Silicon Valley Bank, offer commercial and private banking, asset management, private wealth management, brokerage and investment services and funds management services to companies in the technology, life science and healthcare, private equity and venture capital, and premium wine industries. Headquartered in Santa Clara, California, SVB Financial Group operates in centers of innovation around the world. Learn more at svb.com.

SVB Financial Group is an equal opportunity employer.

2021 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license. Silicon Valley Bank is a member of the FDIC and the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group (Nasdaq: SIVB). Silicon Valley Bank is registered in England and Wales at Alphabeta, 14-18 Finsbury Square, London EC2A 1BR, UK under No. FC029579. Silicon Valley Bank is authorised and regulated by the California Department of Business Oversight and the United States Federal Reserve Bank; authorised by the Prudential Regulation Authority with number 577295; and subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of our regulation by the Prudential Regulation Authority are available from us on request.
