Senior Cloud Incident Responder Analyst | Dublin, IE
Full time
at State Street Corporation
in
Online
Posted on December 17, 2024
Job details
Senior Cloud Incident Responder Analyst
State Street Corporation Dublin, Ireland Posted: 15 days ago | Type: Permanent | Salary: Competitive State Street is seeking a Senior Cloud Security IR Analyst for our Cloud Readiness & Response team, which is a key part of security operations at State Street. This new team focuses on threat detection and incident response in cloud environments, emphasizing cloud infrastructure (AWS, Azure, and others) and securing cloud apps such as Office 365, Workday, and Salesforce. Preferred locations are Ireland (Dublin, Kilkenny, or remote), Poland (Krakow), or the United States (MA, or remote in EST or CST timezones). Responsibilities:- Ensure the security of State Street by delivering exceptional detection and response capabilities in public cloud environments.
- Design and implement incident response capabilities for cloud, including support for triage, investigation, evidence collection, containment, and remediation.
- Deliver tactical capability enhancements, partnering with internal engineering teams and vendors on large-scale capability development.
- Plan and lead tabletop exercises and hands-on response simulations to assess and develop response capabilities.
- Deliver customized training and awareness programs to key operational teams on incident response techniques for relevant cloud platforms.
- Represent Security Operations on strategic cloud projects, providing input and assistance around incident readiness, incident response, and other operational security concerns.
- Deep expertise in cloud security, specifically infrastructure platforms such as AWS and Azure, and common enterprise SaaS applications.
- Exposure to security incident response, specifically incidents involving cloud infrastructure and SaaS applications.
- Experience with cloud native security capabilities and features (e.g., GuardDuty, Sentinel, CloudTrail), common enterprise security tools (SIEM, EDR), and cloud-specific security tools (e.g., CSPM).
- Experience developing and deploying tools and capabilities that enable threat detection or response.
- Significant experience securing AWS, and preferably at least one other cloud infrastructure platform.
- Strong foundational security knowledge, with specific expertise in threat detection, incident response, threat hunting, or similar.
- Understanding of current security threats and challenges, as well as frameworks like MITRE ATT&CK.
- Familiarity with common enterprise security tools, specifically SIEM, EDR, and NSM tools.
- Experience with scripting, system integration, and light development (e.g., Python, PowerShell, other scripting).
- Experience managing technology projects including solution design, deployment, and enhancement.
- Exceptional communication and presentation skills (verbal and written), a collaborative approach, and the ability to influence and build partnerships with diverse stakeholders.
- A track record of succeeding in distributed, international teams.
- 7+ years of relevant security experience.
- Direct experience securing cloud infrastructure in AWS, and preferably hands-on experience of cloud incident response.
- Strong experience with cloud infrastructure is essential (either AWS or Azure).
- Experience planning and executing tabletop exercises and response simulations is beneficial.
- Experience developing and delivering technical training is beneficial.
- A degree is not required, but a qualification in information security or information systems may be beneficial.
- Relevant cloud security or IR certifications (e.g., CSA CCSK, GIAC GCFR / GCIH / GCFA) are beneficial, as are certifications from AWS, Microsoft, or other key cloud providers.
- This role may be filled in Ireland (Dublin or Kilkenny preferred, or remote), Poland (Krakow), or the United States (MA preferred, or remote in EST or CST timezones).
- This is primarily a strategic role rather than operational; however, occasional participation in an on-call rotation may be required to support relevant work by other teams.
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.