Zions Bancorporation - Midvale, UT
posted 4 days ago
About the position
Zions Bancorporation's Enterprise Technology and Operations (ETO) team is transforming what it means to work for a financial institution. With a commitment to technology and innovation, we have been providing our community, clients and colleagues the best experience possible for over 150 years. Help us transform our workforce of the future, today. We are currently seeking a Cyber Incident Response Engineer as part of our Enterprise Information Security department. Enterprise Information Security (EIS) is integrated within the Enterprise Technology and Operations division (1100+ technical people) at Zions Bancorporation. EIS is responsible for enabling secure innovation and business growth for 10,000+ employees across 11 states. EIS is undergoing rapid growth and we are focused on creating a relevant program that will enable our organization's long-term success. What is great about our department is that we laugh with each other, have Executive and Board level visibility and support for our work, and are driving highly visible, enterprise-wide initiatives. We are focused on creating business value and are seeking like-minded professionals to join our team!
Responsibilities
- Function as key contributor in the CSOC's growth and evolution, actively improving our cyber incident response capabilities
- Respond to cybersecurity incidents
- Knowledge in multiple cybersecurity tools and processes such as SIEM, IDS, EDR, DLP, WAF and similar
- Develop and implement monitoring use cases, cyber incident response procedures, playbooks and other technical documentation
- Collaborate with Enterprise Cybersecurity Architecture and technology teams in monitoring and alerting infrastructure, processes, and tools
- Participate in the on-call rotation to maintain 24/7 coverage in responding to alerts and possible threats
- Other duties as assigned
Requirements
- Hands-on technical experience with one or more commercial SIEM products such as Splunk (preferred), IBM QRadar, LogRhythm, ArcSight, NetWitness, etc.
- Experience producing technical documentation, standard operating procedures, and incident response playbooks
- Technical knowledge in networking, Windows administration, Linux administration, common attack techniques and preventions
- Working knowledge of common attack vectors, different classes of attacks and general attack stages
- Knowledge of system administration concepts for UNIX/Linux and Windows operating systems
- Development experience with scripting languages such as R, HIVE, Python, JavaScript, etc. is a plus
- Experience with any Endpoint Detection and Response platform is a plus
- Relevant technical certifications are a plus (ex: SANS, ISC2)
- Requires a Bachelor's in Information Technology, Computer Science, Information Systems or a related technical field
- 4+ years experience in Security Operations, Incident Response, Security Architecture, supporting Information Security infrastructure or a combination of the two or other directly related experience
- A combination of education and experience may meet qualifications
Nice-to-haves
- Development experience with scripting languages such as R, HIVE, Python, JavaScript, etc. is a plus
- Experience with any Endpoint Detection and Response platform is a plus
- Relevant technical certifications are a plus (ex: SANS, ISC2)
Benefits
- Medical, Dental and Vision Insurance - START DAY ONE!
- Life and Disability Insurance, Paid Parental Leave and Adoption Assistance
- Health Savings (HSA), Flexible Spending (FSA) and dependent care accounts
- Paid Training, 20 days of Paid Time Off (PTO) and 11 Paid Federal Holidays
- 401(k) plan with company match, Profit Sharing, competitive compensation in line with work experience
- Mental health benefits including coaching and therapy sessions
- Tuition Reimbursement for qualifying employees
- Employee Ambassador preferred banking products
- Employees may, at the company's discretion, be eligible to receive a cash bonus award
