Cyber Security Analyst - Incident Response

Job Purpose

CLS is seeking a decisive technical analyst to handle our internal incident response lifecycle and ensure the operational resilience of critical financial infrastructure. The role will act as the incident handler for internal CLS security events and will be the bridge between SOC detections and executive crisis management, ensuring technical response is governed and documented.

Core Responsibilities

• Incident handling: Act as the lead handler for level 3 incidents, coordinating and carrying out investigative tasks and containment, eradication and recovery in the ecosystem.
• Operational governance: Author and maintain playbooks and SOPs, ensuring alignment with internal processes, NIST 800-61 and associated frameworks.
• Technical readiness: Facilitate cyber incident response testing with regular tabletop exercises.
• Security operations: Present weekday fusion calls and participate in the on-call and scheduled rotation. Analyze escalated SOC and info-sec incidents.
• Reporting: Design and author post-incident lessons learned reports and root cause analyses.
• SME Consultancy: Provide IR input for internal audit and compliance

Experience

• 3-5 years cyber security analyst experience.
• Strong understanding of attacker methodologies and the cyber kill chain and MITRE ATT&CK framework.
• Working knowledge of financial regulatory requirements (FRBNY, GDPR, SOC, ISO, etc.)

Qualifications/Certifications

• Bachelor's Degree in Cybersecurity studies, Computer Science, or related discipline
• Security certification such as SANS GIAC (or equivalent) such as GCIH, GCFE or GCFA.
• High proficiency in log analysis (SIEM), EDR, antivirus and forensics tools