Cybersecurity Incident Response Engineer

Your Opportunity

As a Senior Analyst for Cyber Incident Response, you will be a key part of the team who will develop and improve the framework, testing/exercises, and processes. You will help coordinate investigations, develop exercise scenarios, and support liaison between digital forensics/SOC (Security Operations Center) and senior leadership. Finally, you will help ensure the program meets FFIEC (Federal Financial Institutions Examination Council) and relevant privacy laws.

What you are good at

  • Coordinate incident response (IR) measures between SOC, Forensics, and enterprise technology stakeholders to triage and lead escalated security incidents and enable a more centralized control of IR activities
  • Improve information and workflow processes for the incident response program to ensure it is FFIEC compliant
  • Escalate incidents based on defined threat and priority thresholds
  • Update and maintain incident response documentation and processes in accordance with standards by continuously monitoring and improving process, playbook, and standard based on what we learn from each incident and exercise
  • Support projects to develop and integrate comprehensive program documentation (standards, processes, and playbooks)
  • Coordinate response/containment activities and monitor/track actions to completion
  • Develop and support self-identified findings for program
  • Support implementation and improvement of data management processes
  • Maintain and update the Cybersecurity Incident Response Standard and Plan
  • Assist with the development of any new IR documentation and execution of the IR program roadmap
  • Support exercise development to include scenario and objective development
  • Support coordination and facilitation of Cybersecurity tabletop exercises
  • Gather information required for regulatory reporting during an incident and provide to the regulatory partners
  • Support Lessons Learned processes, provide After-Action Reports, and track remediation plans to closure
  • Recommend process changes to enhance defense and response procedures
  • Align Cybersecurity IR processes with Business Continuity Incident Management and Disaster Recovery processes

What you have

  • Bachelor’s Degree in a related discipline
  • 5+ years’ experience of relevant work experience and/or related disciplines
  • Previous experience executing various incident response frameworks and handling procedures
  • Previous experience working in a Security Operations Center (SOC)
  • Certifications: CISSP (preferred), CISM (optional)
  • Demonstrates experience and understanding of cyber risks and threats related to cyber attack
  • Maintains a superior level of customer satisfaction with internal and external customers
  • An ability to coordinate and organize work while meeting deadlines
  • Decision making, written and oral communication and people management skills
  • Proven team building and successful leadership qualities
  • Strong written and verbal communication skills with ability to translate technical terms into business language
  • Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness

Why work for us?

Own Your Tomorrow embodies everything we do! We are committed to helping our employees ignite their potential and achieve their dreams. Our employees get to play a central role in reinventing a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth.

Benefits: A competitive and flexible package designed to empower you for today and tomorrow. We offer a competitive and flexible package designed to help you make the most of your life at work and at home—today and in the future. Explore further.

Schwab is committed to building a diverse and inclusive workplace where everyone feels valued. As an Equal Opportunity Employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. Please click here to see the policy.

Schwab is an affirmative action employer, focused on advancing women, racial and ethnic minorities, veterans, and individuals with disabilities in the workplace. If you have a disability and require reasonable accommodations in the application process, contact Human Resources at or call 800-275-1281.

TD Ameritrade, a subsidiary of Charles Schwab, is an Equal Opportunity Employer. At TD Ameritrade we believe People Matter. We value diversity and believe that it goes beyond all protected classes, thoughts, ideas, and perspectives.

More Information

Apply for this job

Leave your thoughts

Share this job