Team Lead, Security Operations
Malvern Office, United States
Customers Bank
Customers Bank is banking built for entrepreneurs, by entrepreneurs, offering a wide range of banking products designed with entrepreneurs like you. Member FDIC. Experience Customers Bank’s unique approach to banking. At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives.
Must be eligible to work in the U.S. without sponsorship.
Who is Customers Bank?
Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with.
We get you further, faster.
Focused on you: We provide every customer with a single point of contact. A dedicated team member who’s committed to meeting your needs today and tomorrow.
On the leading edge: We’re innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead.
Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we’re a partner you can trust.
What you’ll do:
Customers Bank is looking for a Team Lead to support the development and design of the company's Security Operations Center (SOC). The team lead will oversee and support the Incident Response program to ensure ticket escalations are managed in a timely manner, and will support the daily operations of the SOC. The team lead will aid in the development of the Security Information and Event Management (SIEM) at an enterprise level. They will work with team members, third-party vendors, and various technology departments to support and enhance the security posture of the bank and will provide guidance on enterprise projects and initiatives. This role is required to participate in the on-call rotation and respond to critical alerts during off hours.
Responsibilities:
- Strong interpersonal, organizational and communication skills.
- Lead and mentor a team of security analysts and engineers to ensure efficient daily operations.
- Detail oriented, focused, and have excellent analytical and problem-solving skills.
- Responsible for the daily supervision and activities of the Security Operations Center, Network, OS and Application hardening, and the incident detection/response program.
- Oversee real-time monitoring of security alerts and events across the organization’s infrastructure.
- Lead the investigation, analysis, and response to security incidents, including escalation when necessary.
- Ensure accurate and timely incident documentation, reporting, and post-incident reviews.
- Must have strong written and oral communication skills, be self-motivated and a self-starter, and be able to work well in a team environment.
- Collaboration with multiple stakeholders across functional and technical skillsets.
- Administer the Bank’s EDR platform and assist with the management of the Bank’s asset management solutions.
- Assist in domain takedown and related Internet-based threat monitoring.
- Assist with threat intelligence monitoring and related work efforts.
- Identify training needs and development opportunities for team members.
- Organize exercises, red team/blue team drills, and skill-building sessions.
- Produce time-critical, technical reports to management outlining the incident and potential mitigation.
- Experience managing enterprise security tools including: SIEM, NDR, IDS, Web Filtering, Email Filtering, and Endpoint Protection Solutions.
- Develop, refine, and enforce standard operating procedures (SOPs) for incident response and threat management.
- Experience with project management and onboarding new solutions.
- Create and maintain documented operating procedures.
Must haves:
- Bachelor’s degree in Computer Science or equivalent.
- 5+ years of cybersecurity experience which can include one or more of the following cybersecurity functions: Intrusion Detection/Prevention, Monitoring, Digital Forensics, EDR, Vulnerability Management.
- 3+ years of Incident Response experience.
- 2+ years of SIEM administration and event correlation.
- Financial industry experience is a plus.
- Professional/technical certifications are a plus.
Technology:
Security Information and Event Management (Splunk), System security logs, Database logs, web and network traffic logs, Application management logs, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Endpoint Protection, Microsoft Azure, Linux, and Cyber/Digital Fraud.
Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws.
Diversity Statement:
At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let’s take on tomorrow.
Perks/benefits: Career development Team events