Cyber Incident Response Team Lead - US Cyber Incident Response Team Lead - US …

S&P Global
in New York, NY, United States
Permanent, Full time
Be the first to apply
S&P Global
in New York, NY, United States
Permanent, Full time
Be the first to apply
Cyber Incident Response Team Lead - US
JobDescription :
The Role
As the US Cyber Incident Response Team (CIRT) Lead, you will be part of the Global Technology, Cyber Security team that develops and oversees the company's security program, ensuring the company is protected from existing and emerging threats. Working with the various teams, the US CIRT Lead will ensure that appropriate procedures are in place to detect and respond decisively to security incidents, leading incident response-related activities within US and providing support globally.

Primary Responsibilities:
• Coordinate and triage response to cybersecurity events and conduct forensic analysis
• Understand the threat landscape through collaboration with the Threat Intelligence team and other stakeholders
• Build and lead a team of threat hunters to proactively identify security events
• Direct and support incident response activities
• Develop and update standard operating procedures and playbooks to align response activities with best practices
• Deliver actionable incident metrics to management
• Manage the end-to-end incident response lifecycle
• Build an understanding of key S&P technology, systems, and business practices

Required Qualifications:
• Working knowledge of common attack vectors and penetration techniques
• Excellent communication skills to effectively present to different business and technical audiences
• Demonstrated experience handling security events in critical environments
• Experience analyzing system and application logs to investigate security and operational issues
• Demonstrated experience utilizing a SIEM in investigating security issues
• Strong knowledge of current enterprise detection and monitoring technologies and processes
• At least 3 years of information security experience and prior experience focused on incident response activities
• Ability to work in an "on call" status as necessary
• Organization skills with the ability to multi-task and identify priorities, work with cross-functional global teams, and execute on schedule
• Passion for security
• Ability to communicate to a technical and non-technical audience
• Excellent report writing and presentation skills
• Comfortable working in a fast-paced, exciting environment
• Advanced knowledge of network protocols and operating systems

Preferred Qualifications:
• Degree in either Computer Engineering, Computer Science, or Information Systems Management
• Experience in the financial services industry will be advantageous
• Familiarity with threat hunting techniques
• Coding/Scripting in any major language (.NET, Java, Python, Ruby, PowerShell)
• Windows and Linux administration tools and concepts

Grade 12 (for internal purposes)

To all recruitment agencies: S&P Global does not accept unsolicited agency resumes. Please do not forward such resumes to any S&P Global employee, office location or website. S&P Global will not be responsible for any fees related to such resumes.
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: and your request will be forwarded to the appropriate person.
The EEO is the Law Poster describes discrimination protections under federal law.