Team Lead, Security Incident Response and Reporting

Malvern Office, United States

Customers Bank

Customers Bank is banking built for entrepreneurs, by entrepreneurs, offering a wide range of banking products designed with entrepreneurs like you. Member FDIC. Experience Customers Bank’s unique approach to banking.

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives.

Must be eligible to work in the U.S. without sponsorship.

Who is Customers Bank?

Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with.

What you’ll do:


Customers Bank is seeking a Team Lead, Incident Response and Reporting, who is strategic, solutions-focused, and adept at coordinating security and operational efforts to support the company’s Security Operations and Business Operations Teams. This role will oversee the full lifecycle of incident response, from initial detection and triage through comprehensive documentation and reporting. The Team Lead will guide the implementation of incident response strategies, ensuring timely stakeholder communication and regulatory compliance. They will collaborate with cross-functional teams to track and analyze trends, recommend process improvements, and drive a culture of continuous learning. Participation in 24/7 on-call emergencies is mandatory, alongside leading post-incident reviews, documentation and reporting to ensure swift remediation of issues.

Responsibilities:

  • Coordinate detection, triage, containment, remediation, and documentation efforts for all security and business incidents.
  • Create a program of continuous improvement and pre-emptive initiatives to fortify a resilient business operation.
  • Ensure timely, accurate, and regulatory-compliant incident reporting to key stakeholders.
  • Develop and maintain standard operating procedures for incident handling, ensuring continuous process improvement.
  • Work closely with cross-functional teams (IT, Legal, Risk, Crisis Management, Business Stakeholders) to mitigate threats, share insights, and drive best practices.
  • Conduct incident post-mortems and root-cause analysis, recommending and tracking remediation actions to prevent recurrence.
  • Serve as the escalation point for critical incidents, ensuring 24/7 coverage and swift response times.
  • Assist Security Operations with reporting, ensuring incident response procedures meet regulatory and organizational requirements.
  • Working knowledge of SIEM and other similar incident response tools to support the Security Operations team.
  • Participate in regularly scheduled trainings, tabletops, and Blue Team exercises.
  • Produce executive-level reports on strategy, roadmap and read-outs.

Must haves:

  • Bachelor’s degree in Computer Science, Cybersecurity, or similar work experience in a related field.
  • 5+ years of cybersecurity experience with proven operational or tactical incident response.
  • 5+ years of experience as a cyber or business incident responder (or related) subject matter expert who has worked across organizational boundaries to analyze incident response or incident tracking for their organization’s infrastructure and services.

Nice to haves:

  • Financial industry experience
  • Knowledge of advanced cyber threats, threat vectors, and attacker methodology, including tools, tactics, and procedures, and how they tie into the Cyber Kill Chain or MITRE ATT&CK framework.
  • Experience with intelligence tooling and/or open-source intelligence techniques.
  • Experience in malware detection and analysis using static and dynamic malware analysis methods.
  • Knowledge of cloud services and their attack surface.
  • Related industry certifications (Sec+, CTIA, CISSP)

Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws.

 

Diversity Statement:

At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let’s take on tomorrow.

Tags: Blue team CISSP Cloud Compliance Computer Science Cyber Kill Chain Incident response Malware SIEM Strategy

Perks/benefits: Career development Health care

Region: North America
Country: United States
