Senior Security Operations Centre / Incident Response Analyst

Title and Summary

Senior Security Operations Centre / Incident Response Analyst

Lead Security Operations Centre & Incident Response Analyst
Overview

Mastercard Vocalink is looking for a driven and independent Lead Security Operations Analyst with Incident Response capabilities, to contribute to securing critical payments infrastructure in the UK.

In this role you'll be responsible for triaging escalations, dealing with responsible disclosures and handling security incidents. When not actively engaged in ongoing incidents, the team works on the improvement and streamlining of the detection and response function.

Role Responsibilities
• Ability to independently lead and resolve cybersecurity incidents through endpoint forensics and network investigations
• Providing triage and bespoke investigation of escalations from various sources.
• Lead and develop knowledge base, use case and playbook development within the monitoring and response environment.
• Working closely with security engineering, insider threat and T1/T2 SOC, providing critical feedback to improve and automate monitoring and response
• Leveraging threat intelligence to conduct regular relevant threat hunts within the environment.
• Proactive initiatives and project-related support by providing subject matter expertise

Required Experience:
• 2+ years of direct experience in a Security Operations Center (SOC).
• 3+ year of direct experience working in an incident response or digital forensics role.
• 5+ years of demonstrated experience with cybersecurity related disciplines, not limited to:
e.g. vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web-security and threat hunting.

Preferred Experience:
• Experience in creating queries and alerts in a SIEM, preferably in SPL.
Experience with Windows/Unix OS forensics - filesystem, memory and binary analysis.
• Experience with Cloud Security (Azure, AWS, GCP).
• Experience in working with NDR/EDR solutions on enterprise level
• Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs).
• Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner.
• Broad knowledge on the entirety of the security spectrum, with specialization in few areas such as e.g. log analysis, malware analysis, memory analysis or forensics.
• CISSP, GIAC certifications or equivalent.

The Ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

Abide by Mastercard's security policies and practices;

Ensure the confidentiality and integrity of the information being accessed;

Report any suspected information security violation or breach, and

Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.