Job Description: EMEA CIRT Lead, Grade 13 (for internal purposes)
The Role: As the EMEA Cyber Incident Response Team (CIRT) Lead, you will be part of the Global Technology, Cyber Security team that develops and oversees the company's security program, ensuring the company is protected from existing and emerging threats. Working with the various teams, the EMEA CIRT Lead will be responsible for ensuring that the appropriate procedures are followed in order to detect and respond decisively to security incidents, coordinating incident response-related activities within the region and providing support globally. The EMEA CIRT Lead reports to the Global CIRT Lead. 5-7 years' experience with the following:
Coordinate and triage responses to cybersecurity events and conduct forensic analysis
Lead and mature a global team of incident response specialists
Drive efforts towards the containment of threats and the remediation of the environment during or after an incident
Understand the threat landscape through collaboration with the Threat Intelligence team and other stakeholders
Direct and support incident response activities
Develop and update standard operating procedures and playbooks to align response activities with best practices
Develop and mature the threat hunting capabilities within the enterprise
Deliver actionable incident metrics to management
Manage the end-to-end incident response lifecycle
Build an understanding of key S&P technology, systems, and business practices
Required Knowledge:
- Demonstrated knowledge of network traffic and communications analysis, including known ports and services; experience with Wireshark
- Working knowledge of the Windows operating system and familiarity with Unix/Linux and macOS
- Experience with managing or configuring the following security-related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, network packets, malware analysis, and forensic tools
- Experience and familiarity with SIEM products: QRadar, Splunk, ELK, ArcSight, etc.
- Experience with SOC management and operations
- Experience with one or more of the following endpoint detection and response platforms: Carbon Black Response, CrowdStrike Falcon, Tanium Detection and Response, Cybereason, etc.
- Professional experience utilizing various open source and commercial analysis tools used for incident analysis (EnCase, FTK, Autopsy, The Sleuth Kit, Volatility, Redline)
- Professional experience applying the CIRT management principles described in NIST SP 800-61
- Familiarity with the MITRE ATT&CK framework
- Proficiency in conducting research and analysis, and compiling relevant information into a document for presentation
- Demonstrated ability to write technical reports, often without supervisor review, that can be consumed by multiple types of internal consumers
- Demonstrated ability to extract actionable information and indicators from collected log sources and other data
- Expert knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., central processing units [CPUs], network interface cards [NICs], data storage)
- Demonstrated knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT])
Internal Number: 6569869
About S&P Global
eFinancialCareers is a career site specializing in financial services.