Cyber Incident Response Analyst
Dorchester, United States of America

At Santander, the Incident response team works on any incident that puts company data at risk in any US entity with the goal of making the environment safer by containment, remediation, and reporting of the results of an incident investigation. The Incident Response analyst is primarily responsible for incident handling, including triage, analysis, coordination, and technical recommendations. The analyst will work with EDR software, firewalls and WAF technologies, log aggregators and DLP tools. They will analyze data sources to determine the likely cause of security alerts and assess if there is an ongoing attack. They will work with other technical teams to understand the risk from the threat and recommend remediation measures to reduce risk and increase safety. Additionally, this role requires someone with attention to detail who is willing to ensure that proper documentation in maintained and follow ups are handled, as well as provide data for internal and external auditors.
Responsibilities:
- The incident response analysts are responsible for owning, investigating, containing and managing the remediation of security incidents
- The Incident response team works on any incident that puts Santander data at risk in any US entity
- This team member will work with firewalls, intrusion protection, web proxy, antivirus, SIEM, vulnerability scanning and other key threat countermeasures
- Research and analyze data sources to provide insight into new trends to customer environment collaborating with other members of the SOC
- Troubleshoot problems with customer policies and controls
- Performing on-demand vulnerability scanning and compliance monitoring to ensure agency security standards are met
- Identification of network and operating systems vulnerabilities and recommending countermeasures
- Supports the deployment and integration of security tools
- Analyze and recommend solution of information security problems based on knowledge of the major information security products and services
- Strong interpersonal and communication skills with the ability to lead and work as part of a team.

Bilingual English Spanish is a plus.

Requirements:

- Experienced with AWS/Azure systems.
- 3-5 years of experience in a technical security role (SOC or IR)
- Strong interpersonal and communications skills and a demonstrated ability to lead small teams
- Background in incident response and familiarity with the phases/processes/procedures of incident response
- Familiarity with any of the following tools: Splunk, CrowdStrike, McAfee, Service Now, Resilient, Cisco Umbrella
- Detailed oriented and a desire for learning.

Diversity & EEO Statements: At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.
Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status, or any other characteristic protected by law.
Working Conditions: Frequent Minimal physical effort such as sitting, standing, and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting to fifty pounds, able to bend, kneel, climb ladders.
Employer Rights: This job description does not list all the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.
Bachelor of Science (BS) English
Primary Location: Dorchester, MA, Dorchester
Other Locations: Massachusetts-Dorchester
Organization: Santander Holdings USA, Inc.