Cybersecurity Incident Responder

As a member of Fiserv's Cybersecurity Incident Response Team (CSIRT), you will be responsible for commanding the investigation, analysis, containment, and remediation of cybersecurity incidents across the global enterprise environment. You will be the primary escalation point for Tier 1 analysts and accountable for validating, investigating, and responding to confirmed security incidents in accordance with established cyber incident response procedures. The successful candidate will perform advanced analysis of network traffic, endpoint activity, and log data, correlate findings across multiple sources, rapidly driving containment and mitigation actions.

What you will do?

• Lead investigation and response activities for confirmed and escalated cyber security incidents in accordance with established playbooks and service level targets.
• Perform analysis of suspicious activity across endpoint, network, identity, email, cloud, application, and system log sources.
• Analyze, investigate, and correlate data from SIEM/SOAR, EDR, firewall, proxy, intrusion detection/prevention, email security, and other monitoring platforms to drive accurate incident response.
• Document investigations, findings, actions taken, and escalation details in the case management system with clear, complete, and timely notes. Create full summary reports of events of interest to drive after action and lessons learned activities.
• Follow shift handoff procedures and communicate open issues, emerging threats, and significant events to team members and incident handlers.
• Contribute to continuous improvement by identifying recurring false positives, process gaps, and opportunities to improve alert quality, runbooks, and analyst efficiency and perform live response activities, including remote and onsite system analysis and evidence collection.
• Drive containment, eradication, and recovery actions in coordination with infrastructure and technology teams.
• Collaborate with Tier 1 analysts to improve detection and response capabilities and provide guidance on escalation quality and partner with security engineering teams to ensure effective operation and tuning of security tools and detection capabilities., * This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experiences help you with your overall onboarding experience and leads to stronger productivity.

• 3-6 years of experience in cyber security operations, incident response, security monitoring, IT operations, networking, or a related enterprise technology environment.
• Proven experience handling and responding to cyber security incidents in a SOC or CSIRT environment.
• Direct experience with security technologies such as SIEM, EDR, IDS/IPS, email security, firewalls, proxy tools, or case management platforms is preferred.
• Strong knowledge of incident response processes, investigative techniques, threat indicators, and attack methodologies.
• Hands-on experience with log analysis and forensic investigation techniques.
• Ability to prioritize work, manage multiple active incidents, and make sound decisions in a fast-paced, high-impact operational environment.
• Strong critical thinking skills, puzzle-solving ability, and an investigative mindset to analyze complex activity, connect related indicators, and identify root cause and scope of incidents.
• Bachelor's degree in cyber security, information technology, computer science, or a related field preferred; equivalent practical experience

What would be great to have:

• Industry certifications such as GCIH, GREM, GCFA, GCFE, CISSP, CEH, CISA, Security+, or similar advanced cyber security certifications.
• Experience with scripting or programming languages to support automation, analysis, or incident response activities., * You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered.

$110,000.00 - $186,000.00

These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.

It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.

For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company's sole discretion.

We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.