Cybersecurity Incident Response Lead

Custodia Bank

Remote
Posted on Aug 24, 2023
We see a future where all banks will need to support digital assets and provide a responsive, online interface to tech-savvy customers. Custodia is already a chartered bank and is building digital asset products alongside its US dollar payment offering, including custody and settlement services. The Custodia team is comprised of all-stars with deep experience in both bitcoin and traditional financial services.
If you expect more from existing banks, join our team and help build a better one, from the ground up. We are currently looking for a passionate and dynamic individual to join our organization as a Cybersecurity Incident Response Lead.
About Your Role
We are looking for an experienced incident response lead to drive the ongoing maturation of our cybersecurity practice. The ideal candidate will have experience in incident planning, incident response, security incident and event management tool configuration and tuning, and aligning programs to relevant NIST standards and frameworks. This role reports to the Vice President (VP) of Information Security.

Responsibilities & Results

  • Work with the VP of Information Security to mature a robust and scalable incident response program, including its technologies and personnel, aligned to industry best practices.
  • Review and provide recommendations for updates to existing policy and program documents to ensure regulatory expectations and industry best practices are accounted for.
  • Drive security alert development, rule tuning, and testing of configured alerts.
  • Own incident response plans, tabletop testing, and technical exercises.
  • Manage on-call schedule for response activities.
  • Provide reporting related to incident response posture and publication of any after-incident documentation and communications.
  • Assess current state practices, recommend improvements, and own implementation of any selected solutions.
  • Integrate and tune signal sources.
  • Build, operate, and test alerting and thresholds for alerts in the SIEM.
  • Conduct response activities in conjunction with coordinated simulations and real-world events.
  • Develop, maintain, and test disaster recovery systems and configurations along with associated documentation.

What You’ll Bring

  • 5+ years of experience in cybersecurity with a specific focus on incident response.
  • A combination of education and experience may meet this requirement.
  • Working knowledge of common attack vectors and MITRE frameworks, different classes of attacks (e.g., passive, active, insider, close-in, distributed, etc.) and attack stages (e.g., recon and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, etc.).
  • Strong interpersonal and written communication skills, including the ability to produce technical documentation, standard operating procedures, and incident response playbooks.
  • Experience in common SIEM platforms
  • Experience in cloud native security architecture

Why Join Us?

  • Competitive Equity Package
  • 100% Remote
  • Amazing Growth Opportunity
  • Unlimited PTO
Custodia embraces diversity and is proud to be an equal opportunity employer. As part of our commitment to diversifying our workforce, we do not discriminate on the basis of age, race, sex, gender, gender identity, color, religion, national origin, sexual orientation, marital status, citizenship, veteran status, or disability status.