CSOC Security Incident Management

Location

New York

Business Area

Legal, Compliance, and Risk

Ref #

10051547

Description & Requirements

The Bloomberg Security Incident Management (Sec IM) team provides consistent coordination and management of information security incidents and events across Bloomberg's diverse lines of business and vast global network.

What is the team?

Sec IM works closely with teams across Bloomberg, coordinating, commanding, and documenting responses for all security incidents and high-profile security events. The team is responsible for ensuring responses are efficient and comprehensive. The team also plays a key role in identifying methods to improve upon similar scenarios. Key partners include incident responders, threat intelligence, legal, vulnerability analysts, security program leads, and many other teams within the company.

What is the role?

A successful candidate will be focused on coordination, leadership, delegation, documentation, and identification of required response actions, rather than performing technical deep dives such as forensics or reverse engineering. You will be expected to fulfill common incident management roles in a security context where the goal is careful containment and remediation of incidents and events which could jeopardize the confidentiality, integrity, and/or availability of Bloomberg systems and records.

We'll trust you to:

Lead & focus

- Demonstrate clear and calm leadership, setting the tone for each response

- Command and coordinate a response to security incidents, relevant threats, and high-profile security events

- Scope a response to the next best actions

- Ensure response is sustainable for all resources involved

- Support beyond normal hours in an emergency or during times of staff shortage

Coordinate & communicate

- Delegate tasks in a timely manner and manage them to closure or management handoff

- Facilitate incident / threat resolution through prompt communication across multiple teams

- Document status and regularly communicate updates to stakeholders and senior management

- Maintain and track key metrics and providing reporting related to incident management

- Work closely with global Sec IM staff (New York, Dublin, Sydney), ensuring continuous involvement

Update and maintain procedures that effectively guide security incident management

- Participate in scenario analyses (e.g. tabletops, functional exercises, etc.)

- Participate in skill training

- Conduct Post Incident Review (PIR) to identify paths for improving response to similar scenarios, as well as security posture, delivering those requirements to appropriate stakeholders that handle short-, mid- and long-term remediation

You'll need to have:

- Proven ability to manage tasks during high-pressure, complex situations

- Clear and concise written and verbal communication skills

- Strong critical thinking skills

- Ownership to identify problems and pursue solutions, individually and collaboratively

- Commitment to building strong networks and collaborative relationships

- Experience leading and managing complex, high-stress projects or incidents

- Effective at using multiple communication styles to close incidents

- Commitment to develop team members skills

- Proven ability to multitask

We would love to see:

- 3+ years working in a cyber security operations center or incident management function(s)

- Experience with host and network incident response, data exposure workflows, and/or urgent vulnerability remediation

- Examples of proactively identifying and improving tooling and processes

- Ability to explain complex topics in accessible language

If that sounds like you:

Apply - if we believe you're a good match, we'll get in touch to let you know the next steps.

Salary Range = 175,000 - 225,000 USD Annual + Benefits + Bonus

The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.

We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.