Cyber Incident Response Analyst Senior
US GA ATL 201
Full Time Senior-level / Expert USD 89K - 149K
Job Description
Are you ready to write your next chapter?
Make your mark at one of the biggest names in payments. With proven technology, we process the largest volume of payments in the world, driving the global economy every day. When you join Worldpay, you join a global community of experts and changemakers, working to reinvent an industry by constantly evolving how we work and making the way millions of people pay easier, every day.
What makes a Worldpayer? It’s simple: Think, Act, Win. We stay curious, always asking the right questions to be better every day, finding creative solutions to simplify the complex. We’re dynamic, every Worldpayer is empowered to make the right decisions for their customers. And we’re determined, always staying open – winning and failing as one.
Are you ready to make your mark? Then you sound like a Worldpayer.
About the role:
As a Senior Cyber Incident Response Analyst with Worldpay, your skills will be put to the test on the front lines of cyber-crime. Information security is at the heart of fintech, and you’ll help protect and secure highly-sensitive financial data for customers around the world. You will play a critical role in building a world class security operations team: implementing technology and processes to identify and mitigate security incidents.
The ideal candidate will have a proven track record as an Incident Responder, Threat Hunter, or SOC Engineer with a demonstrated ability to design and coordinate security event monitoring workflows and tooling effectively, deep dive into data from security telemetry, and prioritize controls and recommendations around information gaps.
What you will be doing:
· Monitor and analyze security alerts via state-of-the-art security tooling including XDR, SOAR, SIEM and more to identify potential threats and vulnerabilities in real-time.
· Conduct thorough investigations of security incidents, determining the root cause and extent of a breach.
· Develop and implement incident response plans, including playbooks, to ensure swift and effective responses to security events.
· Collaborate with IT and security teams to contain and mitigate threats, ensuring minimal disruption to business operations.
· Perform digital forensics to collect, preserve, and analyze evidence related to security incidents.
· Provide detailed incident reports and documentation, including lessons learned and recommendations for improving security posture.
· Stay current with emerging threats and vulnerabilities and recommend proactive measures to protect the organization.
· Conduct and participate in regular training and simulations for the incident response team to ensure preparedness for potential security incidents.
What you will need:
Bachelor’s degree in computer science/information systems or the equivalent combination of education, training, or work experience. GSEC, GCIH, CISSP or other security or network certifications desired.
Typically requires five or more years of experience with:
· Demonstrated expertise in security operations including developing and implementing SOC escalation procedures and security event analysis.
· Strong proficiency with security automation platforms (SOAR) and SIEM/logging tools.
· Experience with Endpoint Detection and Response tooling.
· Familiarity with incident response methodologies and tools.
· Hands on experience with network technologies (protocols, design concepts, access control).
· Knowledge of security technologies (encryption, data protection, design, privilege access, etc.).
· Knowledge of network design and engineering.
· Proficiency in time management, communications, decision making, presentation and organizational skills.
· Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules.
· Verbal and written communication skills to technical and non-technical audiences of various levels in the organization.
· Passion for cybersecurity with a willingness to partake in an on-call rotation schedule to provide full coverage for security escalations.
Added bonus if you have:
· Led or participated in high severity security incidents from initial detection to recovery.
· Experience with industry frameworks and concepts including NIST and SANS, as well as adversarial focused frameworks such as MITRE ATT&CK.
· Detection engineering and sensor tuning experience.
· Understanding of a broad spectrum of endpoint and network protection tools (application whitelisting, DLP, phishing protection, IPS, NDR, cloud monitoring).
· Familiarity with network and host forensics and the variety of tooling involved.
· Expertise with data analysis tools like Splunk or Jupiter Notebooks, and programming/scripting knowledge with Python, Powershell, or a relevant query language (SPL/MSSQL/KQL, etc.).
· Experience with proactive threat hunting.
Worldpay perks - what we’ll bring for you:
We know it’s bigger than just your career. It’s your life, and your world. That’s why we offer global benefits and programs to support you at every stage. Here’s a taste of what you can expect.
A competitive salary and benefits.
Time to support charities and give back to your community.
Parental leave policy.
Global recognition platform.
Virgin Pulse access.
Global employee assistance program.
What makes a Worldpayer:
At Worldpay, we take our Values seriously, and we live them every day. Think like a customer, Act like an owner, and Win as a team.
Curious. Humble. Creative. We ask the right questions, listening and learning to get better every day. We simplify the complex and we’re always looking to create a bigger impact for our colleagues and customers.
Does this sound like you? Then you sound like a Worldpayer.
Apply now to write the next chapter in your career. We can’t wait to hear from you.
To find out more about working with us, find us on LinkedIn.
#LI-JK1
Privacy Statement
Worldpay is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how Worldpay protects personal information online, please see the Online Privacy Notice.
EEOC Statement
Worldpay is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here
For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.
Sourcing Model
Recruitment at Worldpay works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. Worldpay does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.
#pridepass
Tags: Automation CISSP Cloud Computer Science EDR Encryption FinTech Forensics GCIH GSEC Incident response IPS MITRE ATT&CK Monitoring MSSQL NIST PowerShell Privacy Python SANS Scripting SIEM SOAR SOC Splunk Vulnerabilities XDR
Perks/benefits: Career development Competitive pay Parental leave Salary bonus Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.