Incident Response Coordinator at Global Payments

Atlanta, Georgia, United States

Compensation: Not Specified
Experience Level: Mid-level (3 to 4 years), Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Payments, FinTech, Cybersecurity

Requirements

  • Bachelor's degree in Computer Science, Info Security, or related field, or relevant work experience in a related field
  • Typically minimum 2 years relevant experience with Incident Management or Incident Response
  • Knowledge of network operations or engineering or system administration on Unix, Linux, MAC, or Windows
  • Knowledge of common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices, Cloud Technologies
  • Preferred: ITIL V4
  • Preferred: Professional security certifications such as CompTIA Security+/Cybersecurity Analyst+, Systems Security Certified Practitioner (SSCP), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or GSEC (GIAC Security Essentials)

Responsibilities

  • Coordinate incident response in line with the corporate security incident response plan
  • Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis and the tracking of actions to prevent incident recurrence
  • Provide 24x7 on-call incident management support on rotation for critical security incidents
  • Stay up to date with new and emerging threats that can affect the organisation's information assets, third party software/solutions, IT configuration changes, and network/system
  • Provide executive level written communication during incident response for inquiries related to security incidents or assigned cases
  • Coordinate the remediation of findings from the organisation’s Bug Bounty Program, working directly with whitehat researchers
  • Work closely with Risk Management teams to document identified risks and issues highlighted through post-incident or root cause analysis activities
  • Maintain a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework)
  • Collaborate with Legal and Privacy Offices throughout the company on critical data protection/security incidents
  • Participate in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post incident activities and lessons learned
  • Maintain and follow runbooks for day-to-day incident response activities in line with the corporate security incident response plan
  • Coordinate containment, eradication and post-incident activities for critical cyber security incidents
  • Play a key role in the Incident Response Team (IRT), overseeing, validating and documenting containment, and acting as a point of escalation for the Global Security Operations Center (GSOC)
  • Engage with key stakeholders for Root Cause Analysis (RCA) and post-incident activity, ensuring reduced chances of incident recurrence and assessed efficiency of incident response techniques and procedures

Skills

Key technologies and capabilities for this role

Incident Response, Cybersecurity, Root Cause Analysis, Post Incident Review, Incident Management, Containment, Eradication, Stakeholder Engagement, Threat Monitoring, Security Operations

Questions & Answers

Common questions about this position

What are the main responsibilities of the Incident Response Coordinator?

The role involves coordinating containment, eradication, and post-incident activities for critical cyber security incidents, managing Post Incident Reviews (PIR), Root Cause Analysis, and tracking actions to prevent recurrence, while providing 24x7 on-call support on rotation.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

What knowledge areas are important for this position?

A working knowledge of key data security frameworks and regulations such as PCI, HIPAA, GDPR, PII, and NIST CSF is required, along with staying up to date with emerging threats.

What kind of experience makes a strong candidate for this role?

Strong candidates will have experience in incident response coordination, post-incident reviews, root cause analysis, stakeholder engagement, and familiarity with cybersecurity frameworks, as well as the ability to provide executive communications and collaborate across teams like Legal and Risk Management.

Global Payments

Payment technologies and software solutions

About Global Payments

Headquarters: N/A
Year Founded: N/A
Company Stage: N/A
