Manager of Cyber Incident Response

Zions Bancorporation's Enterprise Technology and Operations (ETO) team is transforming what it means to work for a financial institution.

With a commitment to technology and innovation, we have been providing our community, clients and colleagues the best experience possible for over 150 years.

Help us transform our workforce of the future, today.

The Cybersecurity Operations Center (CSOC) department within ETO is looking for a Manager of Cyber Incident Response to join the team.

As the Manager of Cyber Incident Response, you would play a key role in defending the enterprise from malicious actors and improving our security posture.

The work you do has real impact enterprise-wide and is truly valued throughout the organization.

The Cybersecurity Operations Center (CSOC) department is the cyber front line at Zions Bancorporation. As a leader of the Incident Response team, you will be an integral part of the CSOC.

The other members of the CSOC organization include Cyber Continuous Assurance and Cyber Offensive Security.

We operate in a fast-paced, information-driven environment, which means we need people who bring diverse experiences, perspectives, and expertise to meet ever-changing demands.

Your ability to adapt, learn innovate and collaborate with a dynamic team helps us provide exceptional service to our customers and communities.

The Manager of Cyber Incident Response will report into the Director, CSOC and is responsible for leading a technical team to analyze the cyber environment and developing security measures to safeguard the confidentiality, integrity, and availability of information.

The manager will work closely with other managers across Cyber, as well as partners across Technology and the business.

Responsibilities :

As a hands on working manager, the leader will focus on continuous monitoring, alerting, escalation, and response of suspicious activities including : research indicators of compromise, continuous configuration, SIEM customization, and logging requirements for technical assets

Internal investigations, forensics, eDiscovery

Manage the Security tooling (ie. XDR, SIEM, etc.) including overseeing the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry-leading practices generically and the enterprise's security documents specifically.

Deliver after-action facilitation and action / remediation oversight

Provide development, education, and oversight of relevant standards, procedures, and playbooks for completeness and accuracy including leading tabletops and simulation exercises, Security Incident Management Framework

Continuous monitoring, alerting, escalation, and response of suspicious activities

Provide coaching, constructive feedback, workload management and direction to staff to ensure successful achievement of projects and initiatives

Develop procedures and guidelines to support consistent delivery of services

Consult with other Cyber & Information Security colleagues to continuously evaluate and implement security solutions

Communicate potential security concerns / exposures to appropriate leadership

Coordinate and collaborate with business organizations and other IT groups to ensure quality solutions are delivered within project timelines and to facilitate an enterprise wide understanding of security goals, to solicit feedback and foster cooperation

Maintain up-to-date knowledge of the cyber and information security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

Ensures adequate and effective technical and non-technical controls exist to meet current and future security compliance requirements found in local, state, and federal laws and regulations

Identify / recommend tools, processes, software, and hardware to improve or replace current security infrastructure practices, services, or technologies to meet future requirements.

Requirements :

5+ years of experience in cyber security initiatives which may include some or a combination of roles in IT Security, cyber security, risk, compliance, audit, threat detection, data privacy, etc.

Experience managing a team and / or coaching team members

Experience developing policies / procedures for security processes

Ability to effectively lead Cyber discussions and initiatives and actively participate in technical discussions.

Ability to lead a team including mentoring, coaching, and motivating, providing an opportunity to learn and grow

Proven track record of successfully managing projects, with a particular emphasis on handling complex assignments

Demonstrated history of achieving customer satisfaction by effectively managing both internal and external stakeholders

Strong relationship building skills; Must be able to work collaboratively and cooperatively as a team member and as a people manager

Ability to influence peers and business stakeholders

Cyber certifications are a plus - Certified Information Security Manager ("CISM"), Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), etc.

Pay Range :

$170,000-$190,000 (Based upon relatable skills / experience)

Location :

This position requires regular face-to-face interaction with teams, business stakeholders, and executives in the Midvale, UT area.

We will consider candidates in the area, able to relocate to the area, or working remotely but willing to travel regularly to Midvale.

Apply now if you have a passion for impactful outcomes, enjoy working collaboratively with co-workers, and want to make a difference for the clients and communities we serve.