Incident Response Management Specialist
Bank of America
Incident Management is part of the Response and Recovery whose aim is to respond to an incident in the manner that will reduce the impact and risk to the organization as much as possible. The Incident Response Management Specialist will be required to take charge of Information Security events and incidents as they occur and co-ordinate and work collaboratively with colleagues across the business to resolution.
• Establish oversight of information security events and incidents and communicate analysis, containment and remediation efforts to all business partners.
• Incident response and recovery plans will be available to use and should be maintained by the team. Any issues that require management escalation will be expected to be completed in a timely manner including all appropriate information in relation to risk and action times.
• The Incident Manager will be expected to provide status updates and post-incident reports for executives and stakeholders in non-technical terms encompassing risk, impact, likelihood, containment and remediation activities and threat actors.
• Risk management including briefing and recommending actions to executive leadership within Global Information Security and other business partners on events and incidents
• The incident manager will be part of a global 24/7 rotation and there is a requirement to work 8-10 weekends per year on an on-call basis as a primary contact and 8-10 weekends as a secondary contact. There will also be a requirement to cover the majority of US holidays.
· Proven experience handling Information Security related events and incidents
· Experience in an operations focused role with an emphasis on incident response
· Demonstrable experience in the coordination of containment activities related to cyber security incidents
· Familiarity with security vulnerabilities exploits and APT tools, techniques and procedures
· Familiarity with network security vulnerabilities, exploits, malware and digital forensics desirable
· To be an excellent communicator who can adapt to their audience
· To be decisive and can make difficult decisions in what can be a high pressure environment
· Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results
· Able to handle multiple competing priorities in a fast-paced environment and take action without causing an undue delay
· Supportive and can work well as part of a team as well as independently
· Can remain calm under pressure
· Ability to work in a strong team-orientated environment with a sense of urgency and resilience
· Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks whilst remaining risk and objective focused
Enterprise Role Overview - Operates processes and/or tools that provide incident response and privacy controls. Uses expertise to identify, analyze, respond, and recover capabilities. Uses advanced understanding of security threats, vulnerabilities, exploits, attack vectors, malware, and digital forensics to guide incident response and reporting. Typically has 3-5 years of relevant experience across multiple incident or privacy disciplines as an individual contributor.
Shift:1st shift (United States of America)
Hours Per Week:40