What are the responsibilities and job description for the Lead Cyber Security Operations Center position at State Street Bank?
About Us
State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world.
We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
The Role
We seek a Lead Cyber Security Operations Center (SOC) Manager who will assist in detecting, triaging, analyzing and responding to cyber-attacks.
The successful candidate will join our SOC team, which operates a 24/7, 365-days-a-year coverage model with a partner team in Ireland.
Key Responsibilities
- Lead the cyber incident response process to ensure timely triage, analysis, containment, eradication and return to service for high-severity or long-running incidents.
- Author incident status updates and closure reports to leadership.
- Produce post-mortem reports to identify lessons learned and recommendations.
- Continuously prepare for incidents by updating and maintaining incident response plans, playbooks and procedures.
- Manage and participate in cyber-related exercises such as tabletops and cyber ranges.
- Measure the effectiveness and performance of the incident response process through KRI and KPI metrics.
- Identify methods to continuously enhance the incident response process.
- Work closely with the SOC to drive development and collaboration.
- Train and mentor SOC personnel.
Requirements
- Experience with investigating & managing major/complex cyber incidents end to end.
- Experience working/leading in a SOC or Fusion Center.
- Strong operating systems administration skills (Windows, Linux, Mac).
- Strong malware analysis expertise.
- Experience in performing memory forensics.
- Knowledge of adversarial tactics, techniques and procedures (TTPs) and industry-standard frameworks (NIST, MITRE ATT&CK).
- Knowledge of IT architecture and operations (computing, network, storage & cloud).
- Strong working knowledge of security technologies including but not limited to SIEM, EDR/EPP, AV, ID/PS, HIPS, Web Proxy/Content filtering, AD, PKI and DNS.
Preferred Qualifications
- Bachelor's in Cyber Security, Information Technology, Computer Science and/or completion of a Cybersecurity boot camp.
- In lieu of education requirements, relevant industry experience will be considered.
- CISSP, CEH, OSCP, OSCE or GCIH, or an applicable certification in the security field.
- 4 years in a cyber security SOC/IR type skill role – Incident Response, SOC Tier 3/Lead Analyst, Threat Hunter, Penetration testing, etc.
- Financial Services experience a plus.
- Software development and/or scripting experience a plus: Python, PowerShell, SQL, etc.
About State Street
We truly believe our employees' diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients.