Incident Responder II

Osaic Careers IT Opportunity in Financial Services Incident Responder II

Location(s):

• Atlanta: 2300 Windy Ridge Pkwy SE, Suite 750, Atlanta, GA 30339
• La Vista: 12325 Port Grace Blvd, La Vista, NE 68128
• Oakdale: 7755 3rd St. N, Oakdale, MN 55128
• Scottsdale: 18700 N Hayden Rd, Suite 255, Scottsdale, AZ 85255
• St. Petersburg: 877 Executive Center Dr. W, Suite 300, St. Petersburg, FL 33702

Osaic has returned to the office on a hybrid schedule requiring a minimum of 4 days weekly in the office. Applicants should be located at one of our hubs and must be willing to work this schedule.

Role Type:
Full-time, Non-Exempt

Salary: $75,000 - $94,000 per year + annual performance-based bonus. Actual compensation offered will be determined individually, based on several job‑related factors, including location, skills, licensure, experience, and education.

Benefits include health, vision, dental insurance, 401k, paid time away, volunteer days, and more.

The Incident Responder II supports Osaic’s home office and cybersecurity operations. This role combines technical competence with hands‑on experience to ensure secure, efficient processes across the organization.

As an Incident Responder II, you will monitor security‑related events, triage potential incidents, and respond to confirmed incidents as necessary. You will work closely with other members of Osaic – primarily within the Security, Privacy, Legal and Infrastructure organizations, and are expected to work independently and proactively.

• Detect, analyze, and address cybersecurity incidents using SIEM, EDR, and other security solutions.
• Conduct root cause investigations and create remediation strategies for security events.
• Record incident response steps and keep thorough documentation for compliance and reporting purposes.
• Create incident reports detailing the events of the incident, include attack vectors, identify vulnerabilities, gaps, and outline suggested remediation steps.
• Track security alerts and logs from both Windows and Linux platforms.
• Perform forensic examinations on compromised systems, including memory, disk, and network evidence.
• Identify indicators of compromise (IOCs) and update detection rules as needed.
• Apply containment measures to reduce the effects of security breaches.
• Work with system administrators to recover impacted systems and verify their integrity after incidents.
• Develop and update incident response playbooks and processes.
• Partner with threat intelligence teams to anticipate emerging threats.
• Suggest improvements to security across all environments.
• Ensure incident handling is consistent with regulatory and company guidelines.
• Create comprehensive incident reports for internal review and audits.
• All other duties as assigned.

• 2+ years of cybersecurity experience, including roles in SOC, SIEM engineering, vulnerability management, incident response, etc.
• Hands‑on experience with SIEM platforms, EDR tools, incident response platforms, etc.
• Proficiency in monitoring and triaging security alerts.
• Basic experience with forensic investigation.
• Familiarity with vulnerability scanning tools, threat intelligence platforms, IAM platforms, encryption, email security, etc.
• Excellent communication and organizational skills.
• Quick learner with basic technical skills to efficiently navigate through various systems.
• Strong customer focus orientation.
• High attention to detail, analytical mindset, and problem‑solving skills.
• Ability to work independently and maintain elevated levels of quality.
• Self‑motivated individual capable of meeting departmental expectations and deadlines.
• Ability to participate and contribute to a team environment.

• 5+ years’ experience in financial services operations or broker‑dealer environment.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field.
• Higher level certifications, including CompTIA Security+, CySA+, GSEC, or CISSP, etc.
• Understanding of major security frameworks like NIST CSF, ISO 27001, SOC 2, PCI‑DSS, HIPAA.
• Understanding SQL for querying LMS as part of ongoing investigations.