S&P Global Cyber Security – Incident Response Lead in Denver, Colorado

As the Cyber Hunt & Incident Response Lead, you will be part of the Global Technology, Cyber Security team that develops and oversees the company's security program, ensuring the company is protected from existing and emerging threats. Working with the various teams, the Cyber Hunt & Incident Response Lead will ensure that appropriate procedures are in place to detect and respond decisively to security incidents, leading incident response-related activities across the globe.

Primary Responsibilities:

Coordinate and triage responses to cybersecurity events and conduct forensic analysis

Lead and mature a global team of incident response specialists

Drive efforts towards the containment of threats and the remediation of the environment during or after an incident

Understand the threat landscape through collaboration with the Threat Intelligence team and other stakeholders

Direct and support incident response activities

Develop and update standard operating procedures and playbooks to align response activities with best practices

Develop and mature the threat hunting capabilities within the enterprise

Deliver actionable incident metrics to management

Manage the end-to-end incident response lifecycle

Build an understanding of key S&P technology, systems, and business practices


Required Qualifications

Passion for security

Working knowledge of common attack vectors and penetration techniques

Demonstrated experience handling security events in critical environments

Advanced knowledge of network protocols and operating systems

Broad understanding and experience managing security mitigation solutions at all layers

Experience analyzing system and application logs to investigate security and operational issues

Demonstrated experience utilizing a SIEM in investigating security issues

Strong knowledge of current enterprise detection and monitoring technologies and processes

Minimum 5 years of information security experience

Minimum 2 years focused on incident response activities

Ability to work in an "on call" status as necessary

Organization skills with the ability to multi-task and identify priorities, work with cross-functional global teams, and execute on schedule

Ability to communicate to a technical and non-technical audience

Excellent report writing and presentation skills

Comfortable working in a fast-paced, exciting environment

Excellent communication skills to effectively present to different business and technical audiences

Preferred Qualifications

Degree in either Computer Engineering, Computer Science, or Information Systems Management

Experience in the financial services industry

Coding - Scripting in any major language (.NET, Java, Python, Ruby, PowerShell)

Windows and Linux administration tools and concepts

To all recruitment agencies:

S&P Global does not accept unsolicited agency resumes. Please do not forward such resumes to any S&P Global employee, office location or website. S&P Global will not be responsible for any fees related to such resumes.

S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race - ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to:

EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.

The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.