Global Payments Inc.
Incident Response Coordinator role at Global Payments Inc.
Description
As part of the Global Cybersecurity Incident Management (GCIM) team, you will coordinate containment, eradication and post‑incident activities for critical cyber security incidents. You will play a key role in the Incident Response Team (IRT), overseeing, validating and documenting containment and acting as a point of escalation for our Global Security Operations Center (GSOC). Following security incident containment and recovery, you will be responsible for engaging with key stakeholders for any Root Cause Analysis (RCA) and post‑incident activity, ensuring we have reduced the chances of incident recurrence and assessed the efficiency of our incident response techniques and procedures.
What Part Will You Play?
Coordinate incident response in line with the corporate security incident response plan.
Manage post‑incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis and the tracking of actions to prevent incident recurrence.
Provide 24x7 on‑call incident management support on rotation for critical security incidents.
Stay up to date with new and emerging threats that can affect the organisation's information assets, third‑party software/solutions, IT configuration changes, and network/system.
Provide executive‑level written communication during incident response for inquiries related to security incidents or assigned cases.
Coordinate the remediation of findings from the organisation’s Bug Bounty Program, working directly with white‑hat researchers.
Work closely with Risk Management teams to document identified risks and issues highlighted through post‑incident or root‑cause analysis activities.
Maintain a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPAA, GDPR, PII, NIST CSF.
Collaborate with Legal and Privacy Offices throughout the company on critical data protection/security incidents.
Participate in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post‑incident activities and lessons learned.
Maintain and follow runbooks for day‑to‑day incident response activities in line with the corporate security incident response plan.
Minimum Qualifications
Bachelor’s degree in Computer Science, Info Security, or related field, or relevant work experience in a related field.
Typically a minimum of 2 years of relevant experience with Incident Management or Incident Response.
Knowledge of network operations or engineering or system administration on Unix, Linux, Mac, or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, penetration testing, web application assessment, secure coding practices, cloud technologies.
Preferred Qualifications
ITIL v4.
Professional security certifications such as CompTIA Security+/Cybersecurity Analyst+, SSCP, CISM, CISA, GSEC, or GCIH.
Knowledge of industry‑standard security compliance programs (PCI, GDPR, NIST Cyber Security Framework, etc.).
Cloud knowledge or certifications such as Google Cloud Fundamentals or AWS Foundations.
Experience working in Google Workspace and JIRA.
Desired Skills and Capabilities
Strong verbal and written communication skills.
Ability to effectively communicate ideas and persuade others to accomplish challenging goals and objectives.
Ability to facilitate meetings and enable discussions leading to resolution and communicate results.
Professional expertise and application of company policies and procedures to resolve a variety of issues.
Works on problems of moderate scope requiring review of a variety of factors; exercises judgment within defined procedures.
Receives general instructions on routine work, detailed instructions on new projects or assignments.
Continual self‑education on new and emerging threats and relevant processes, controls, or technologies to mitigate them.
Knowledge and skills to contribute to all phases of Incident Response.