Cyber Incident Response Engineer

Overview

Zions Bancorporation's Enterprise Technology and Operations (ETO) team is transforming what it means to work for a financial institution. With a commitment to technology and innovation, we have been providing our community, clients and colleagues the best experience possible for over 150 years. Help us transform our workforce of the future, today. We are seeking a Cyber Incident Response Engineer as part of our Enterprise Information Security department.

Enterprise Information Security (EIS) is integrated within the Enterprise Technology and Operations division (1100+ technical people) at Zions Bancorporation. EIS enables secure innovation and business growth for 10,000+ employees across 11 states and is undergoing rapid growth to create a long-term successful program. The CSOC team defends the enterprise and values input from its members, collaboration with sharp colleagues, and enterprise-wide initiatives.

• Function as a key contributor in the CSOC's growth and evolution, actively improving cyber incident response capabilities
• Respond to cybersecurity incidents
• Apply knowledge in multiple cybersecurity tools and processes such as SIEM, IDS, EDR, DLP, WAF and similar
• Develop and implement monitoring use cases, cyber incident response procedures, playbooks and other technical documentation
• Collaborate with Enterprise Cybersecurity Architecture and technology teams in monitoring and alerting infrastructure, processes, and tools
• Participate in the on-call rotation to maintain 24/7 coverage in responding to alerts and possible threats
• Other duties as assigned

• Hands-on technical experience with one or more commercial SIEM products such as Splunk (preferred), IBM QRadar, Log Rhythm, Arc Sight, Net Witness, etc., including familiarity with defining and writing alert conditions/use cases and daily incident investigations
• Experience producing technical documentation, standard operating procedures, and incident response playbooks
• Technical knowledge in networking, Windows administration, Linux administration, common attack techniques and preventions
• Working knowledge of common attack vectors, different classes of attacks and general attack stages
• Knowledge of system administration concepts for UNIX/Linux and Windows operating systems
• Working knowledge of common digital forensics techniques such as chain of custody and operating system investigation (strongly preferred)
• Foundational knowledge of networking such as packet capture analysis and routing and switching
• Understanding of common social engineering techniques such as phishing and sim swapping
• Development experience with scripting languages such as R, HIVE, Python, JavaScript, etc. (a plus)
• Experience with any Endpoint Detection and Response platform (a plus)
• Relevant technical certifications are a plus (e.g., SANS, ISC2)
• 4+ years of experience in Security Operations, Incident Response, Security Architecture, or related areas; combination of education and experience may meet qualifications
• Experience working in a regulated industry (financial services, healthcare, insurance, etc.) is a plus

This position has a hybrid work-from-home schedule with a minimum of three days per week in the office at the new Zions Technology Center in Midvale, UT. The Zions Technology Center is a 400,000-square-foot campus in Midvale, Utah, built on a former site and designed to support technology and operations with features such as on-site renewable energy, outdoor recreation access, and modern amenities.

• Medical, Dental and Vision Insurance - START DAY ONE
• Life and Disability Insurance, Paid Parental Leave and Adoption Assistance
• Health Savings (HSA), Flexible Spending (FSA) and dependent care accounts
• Paid Training, Paid Time Off (PTO) and 11 Paid Federal Holidays
• 401(k) plan with company match, Profit Sharing, competitive compensation
• Mental health benefits including coaching and therapy sessions
• Tuition Reimbursement for qualifying employees
• Employee Ambassador preferred banking products

Apply now if you have a passion for impactful outcomes, enjoy working collaboratively with co-workers, and want to make a difference for the clients and communities we serve.