Apply on Employer Site

Global Payments Inc. · 1 day ago

Incident Response Coordinator

Atlanta, GA

Full-time

Onsite

Entry, Mid Level

2+ years exp

Global Payments Inc. is seeking an Incident Response Coordinator to join their Global Cybersecurity Incident Management team. This role involves coordinating containment, eradication, and post-incident activities for critical cybersecurity incidents, as well as engaging with stakeholders for Root Cause Analysis and ensuring improved incident response techniques.

AppsBankingCreditEnterpriseFinanceFinancial ServicesPayments

Responsibilities

Coordinate incident response in line with the corporate security incident response plan

Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis and the tracking of actions to prevent incident recurrence

Provides 24x7 on-call incident management support on rotation for critical security incidents

Stays up to date with new and emerging threats that can affect the organisation's information assets, third party software/solutions, IT configuration changes, and network/system

Provides executive level written communication during incident response for inquiries related to security incidents or assigned cases

Coordinate the remediation of findings from the organisation’s Bug Bounty Program working directly with whitehat researchers

Works closely with Risk Management teams to document identified risks and issues highlighted through post-incident or root cause analysis activities

Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework)

Collaborates with Legal and Privacy Offices throughout the company on critical data protection/security incidents

Participates in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post incident activities and lessons learned

Maintain and follow runbooks for day-to-day incident response activities in line with the corporate security incident response plan

Qualification

Incident ManagementIncident ResponseCybersecurity FrameworksNetwork OperationsSecurity CertificationsCloud TechnologiesMeeting FacilitationSelf-EducationCommunication SkillsProblem Solving

Required

Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field

Typically Minimum 2 Years Relevant Experience with Incident Management or Incident Response

Knowledge of network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices, Cloud Technologies

Strong verbal and written communication skills

Demonstrated ability to effectively communicate ideas and persuade others to accomplish challenging goals and objectives

Ability to facilitate meetings and enable discussions that lead to resolution and communicate results

Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues

Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgement within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships

Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments

Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them

Incident Response - Knowledge and skills to contribute to all phases of Incident Response

Preferred

ITIL V4

Professional security certifications such as CompTIA Security+/ Cybersecurity Analyst+, or Systems Security Certified Practitioner (SSCP), or CISM(Certified Information Security Manager), or CISA(Certified-Information-Systems-Auditor), or GSEC (GIAC Security Essentials), or GCIH (GIAC Certified Incident Handler)

Knowledge of industry standard security compliance programs PCI (Payment Card Industry), GDPR (General Data Protection Regulation), NIST Cyber Security Framework etc.)

Cloud Knowledge or certifications such as Google Cloud Fundamental or AWS Foundations

Experience working in Google Workspace and JIRA