Lead Information Security Incident Response Specialist

The Lead Information Security Incident Response Specialist investigates and analyzes all response activities related to cyber incidents within the network environment or enclave. This job ensures all networks and systems within the organization are monitored and analyzed to identify and deter potential threats. This job also works across lines of business to inform key team members of cyber threat findings relevant to their business function.

Key Responsibilities and Duties

• Analyzes cyber threat information from a variety of IT Security tools, including intrusion detection system alerts, firewall and network traffic logs and host system logs.
• Reviews technical feasibility of adopting external cloud based IT platform and infrastructure services within the organization.
• Leads the identification of portions of the organization's IT platform/infrastructure with the highest potential return for cloud deployment.
• Facilitates implementation of the organization's global strategies and initiatives to enhance Information Technology plans, operations and procedures.
• Conducts strategic assessments on systems and networks to determine potential cyber threat opportunities.
• Analyzes, and reports all events and anomalies in accordance with IT Security directives, including initiating, responding, and reporting discovered events.
• Provides tactical analyses and suggestions for network operations within the organization.
• Performs digital forensic tasks to consistently monitor all designated networks, enclaves and systems.
• Lends technical assistance to other incident response and security operation teams, including vulnerability assessments and intrusion detection.
• Coaches, reviews and delegates work to lower level professionals.
• Leads the cost/benefit evaluation of cloud solutions compared to virtual private networks, dedicated hosting, and in-house solutions.
• Leverage AI and machine learning technologies to enhance threat detection, threat hunting, automate incident analysis, and improve response times in cybersecurity incident investigations.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 5+ Years Required; 7+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level
8IC

We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.

Read more about your rights and view government notices .