Senior Incident Response Analyst - (Mississippi or South Louisiana)
At BankPlus, we strive to add value for our employees, customers and shareholders. We are a high-performing TEAM committed to fulfilling promises, building lasting relationships, and making dreams come true.
All current employees must have a performance rating of Outstanding or High-Performing to be eligible to post for a position.
General Position Scope:
The Incident Response Analyst will identify, track, monitor, and manage cybersecurity incident & event detection technologies, processes, and practices. The Senior Incident Response Analyst will be the subject matter expert in detecting, identifying, and remediating real cyber threats from start to finish. You will leverage your extensive SOC experience to close out investigations efficiently and effectively.
You will have a thorough understanding of the cyber threat landscape and an exceptional ability to conduct trending and correlation analysis of various cyber intel sources for the purposes of indicator collection, attribution, and establishing countermeasures to proactively defend against threat actors.
This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work.
Duties and Responsibilities:
- Analyze network traffic, endpoints, and logs to identify threats and recommend countermeasures.
- Conduct digital forensics on various artifacts, extracting Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs).
- Automate security activities related to incident response and data analytics.
- Lead the Computer Incident Response Team (CIRT) in addressing time-sensitive threats.
- Collaborate with IT and Cybersecurity teams to enhance the company's defense posture.
- Perform proactive threat hunting and develop detection logic for advanced threats.
- Provide reporting on activity and progress to Cyber Operations management.
- Develop, deploy & support Security Incident & Event Monitoring (SIEM) software, tools, and technology capabilities for a hybrid-cloud environment.
- Investigate incident response and system stability issues as they occur. This may include involvement outside of regular work hours.
- Develop security functions and detection logic to identify risks posed by advanced threat actors.
- Perform e-discovery requests as requested.
- Provide insight for security solution improvements based on security issue response and technology knowledge and experience.
- Maintain a thorough knowledge of Bank products, services, policies, procedures, and appropriate regulatory issues as related to daily job functions including but not limited to: Bank Secrecy Act; Privacy Act; Fair Lending Act; Regulation E, etc. Complete required compliance training and adhere to the Bank’s standard of conduct.
- Perform other duties as requested.
- Participate in the bank’s High-Performance Rewards Connections program.
- Make referrals to the Mortgage Center and Wealth Management.
Preferred Knowledge and Skills:
- Demonstrated Cyber and IT security knowledge.
- Proficient understanding of Cyber and IT security risks, threats, and prevention measures.
- Proficient understanding of security standards and best practices.
- SIEM management experience, including complex search compilation in tools such as Exabeam, Sentinel, ELK, etc.
- Incident management scripting experience.
- Prior experience in the financial services or banking industry.
- Experience with M365 / Azure Data Loss Prevention logging.
- Holds one or more certifications, including Security+, CISSP, SANS, etc.
Position Requirements:
- Bachelor’s Degree in related field preferred.
- Prior incident response experience working in Security Operations Center or Security Incident Response Team structure.
- 4+ years of experience in cybersecurity with a strong focus in incident & threat detection and response in a dynamic IT environment or relevant cybersecurity operations experience in a highly regulated industry.
- Operational experience with SIEM solutions, supporting and integrating technologies such as JSON, APIs, etc. used in security incident detection and response.
- Strong understanding of SIEM technologies and digital forensics.
- Excellent problem-solving skills and ability to work under pressure.
- Excellent verbal and written communication skills.
- Strong ability to quickly prioritize and complete complex tasks.
- Self-driven and self-disciplined to perform tasks and complete projects with little to no supervision.
BankPlus is an Equal Opportunity Employer and does not discriminate in hiring or employment on the basis of race, color, religion, national origin, citizenship, gender, marital status, sexual orientation, age, disability, veteran status, or any other characteristic protected by federal, state, or local law.
We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Other details
- Pay Type: Salary
- Ridgeland, MS, USA