Description
Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Senior Security Operations Centre / Incident Response Analyst Lead Security Operations Centre & Incident Response AnalystOverview
Mastercard Vocalink is looking for a driven and independent Lead Security Operations Analyst with Incident Response capabilities, to contribute to securing critical payments infrastructure in the UK.
In this role you'll be responsible for triaging escalations, dealing with responsible disclosures and handling security incidents. When not actively engaged in ongoing incidents, the team works on the improvement and streamlining of the detection and response function.
Role Responsibilities
• Ability to independently lead and resolve cybersecurity incidents through endpoint forensics and network investigations
• Providing triage and bespoke investigation of escalations from various sources.
• Lead and develop knowledge base, use case and playbook development within the monitoring and response environment.
• Working closely with security engineering, insider threat and T1/T2 SOC, providing critical feedback to improve and automate monitoring and response
• Leveraging threat intelligence to conduct regular relevant threat hunts within the environment.
• Proactive initiatives and project-related support by providing subject matter expertise
Required Experience:
• 2+ years of direct experience in a Security Operations Center (SOC).
• 3+ year of direct experience working in an incident response or digital forensics role.
• 5+ years of demonstrated experience with cybersecurity related disciplines, not limited to:
e.g. vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web-security and threat hunting.
Preferred Experience:
• Experience in creating queries and alerts in a SIEM, preferably in SPL.
Experience with Windows/Unix OS forensics - filesystem, memory and binary analysis.
• Experience with Cloud Security (Azure, AWS, GCP).
• Experience in working with NDR/EDR solutions on enterprise level
• Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs).
• Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner.
• Broad knowledge on the entirety of the security spectrum, with specialization in few areas such as e.g. log analysis, malware analysis, memory analysis or forensics.
• CISSP, GIAC certifications or equivalent.
The Ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Apply on company website
Find Connections via Linkedin
