A career at New York Life offers many opportunities. To be part of a growing and successful business. To reach your full potential, whatever your specialty. Above all, to make a difference in the world by helping people achieve financial security. It's a career journey you can be proud of, and you'll find plenty of support along the way. Our development programs range from skill-building to management training, and we value our diverse and inclusive workplace where all voices can be heard. Recognized as one of Fortune's World's Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and service, supported by our Foundation. It all adds up to a rewarding career at a company where doing right by our customers is part of who we are, as a mutual company without outside shareholders. We invite you to bring your talents to New York Life, so we can continue to help families and businesses "Be Good At Life." To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.
The Senior Incident Response Coordinator is a key function of the Computer Security Incident Management Team (CSIM) reporting to the CSIM Manager. This position requires someone with a significant background in regulatory and governance frameworks, technology, and incident response procedures to act as a subject matter expert in Cybersecurity Incident Response and build a business division IR program as well as manage and coordinate cross-functional response actions for high impact cyber incidents with minimal guidance.
The individual will leverage their subject matter expertise to assist in performing ad-hoc current state maturity assessments, work with team members and key enterprise stakeholders in the development and maintenance of a business division's Cyber Incident Response Program, including documentation, execution and maintenance of processes, and implementation and use of technologies to create efficiencies within existing and newly planned capabilities. The individual will be adept in incident and crisis management, able to assert authority and calm in stressful situations, and leverage established and ad-hoc processes in response to guide response efforts in alignment with industry best practices, regulatory compliance, and legal obligations.
12-15 years or revelevant experinece
Specifically aligned to and works closely with Agency technical and operational leadership and staff to build an effective organic Incident Response program, to include processes and resources in compliance with the corporate standards and program
Performs incident analysis to identify and classify cyber security incidents within the context of a significant revenue generating business unit as well as the entire enterprise with minimal guidance
Responds to computer security incidents according to established response processes, leverages other team members and subject matter expertise where established processes do not exist
Acts as a subject matter expert regarding incident response processes
Assists and provides guidance to other stakeholders during the incident response process
Provides timely and relevant updates to appropriate stakeholders and key decision makers
Validates and maintains incident response plans and processes
Develops appropriate framework for, compiles, and analyzes data for management reporting and metrics
Analyzes potential impact of new threats and communicates risks via appropriate channels
CISM and CISSP strongly preferred
Bachelers degree or equivalent preferreed, but not required
Moderate to advanced understanding of financial regulatory issues (6+ years of direct experience) with respect to cyber security and emerging privacy laws. An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner.
Ability to consume and synthesize intelligence about threat actors, techniques, and situations to identify emerging risk scenarios in the context of Agency as well as the enterprise. Knowledge of and significant personal experience (15+ years) in end-to-end IT problem management and root cause analysis in an operational capacity in large enterprise environments.
Decision Making/ Nature of Impact
In depth understanding of large enterprise IT Service and Delivery Management model, and an ability to perform independent analysis of complex problems by distilling relevant findings and root causes. Must be comfortable making decisions in a volatile, uncertain, complex, and ambiguous environment where competing priorities are common.
Ability to communicate complex technical concepts and situations to diverse audiences both orally and in writing in an easily understood, authoritative, and actionable manner. Able to present a command presence as a subject matter expert during crisis situations to manage conversation flow regarding cyber incidents.
If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.
New York Life