Synovus Bank

Monitors tools and systems for security related events that need investigation. Works closely with and obtains input from manager and peers to weigh business needs against security concerns and to determine severity of security related events. Escalates and articulates issues to management as needed. Assists in the development and implementation of security operations related use cases, alerts, standards, policies and procedures. Provides day-to-day execution of operational components, completion of projects to improve operations and client satisfaction. Provides operational support and enforcement of appropriate standards and procedures for assigned operational area. May require 24x7 support availability.

ABOUT THE JOB

Job Duties and Responsibilities Monitors systems and security tools for abnormal activity and responds based on defined guidelines and playbooks. Investigates and responds to information security events. Performs network and host analysis to determine severity and root cause of security events. Investigates Indicators of Compromise (IOCs) on public and private threat intelligence sources. Performs remediation actions and escalates events as needed. Documents investigation and response activities. Writes incident reports of actions performed and lessons learned throughout the investigation of a security event. Assists in the creation and modification of use cases, alerts, procedures, guidelines, and playbooks as needed to ensure effective detection and response to security events. Makes recommendations to improve security posture of systems, networks, and applications that contain sensitive data. Each team member is expected to be aware of risk within their functional area. This includes observing all policies, procedures, laws, regulations and risk limits specific to their role. Additionally, they should raise and report known or suspected violations to the appropriate Company authority in a timely fashion. Performs other related duties as required. The information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Synovus is an Equal Opportunity Employer supporting diversity in the workplace.

RESPONSIBILITIES

• Monitors systems and security tools for abnormal activity and responds based on defined guidelines and playbooks.
• Investigates and responds to information security events.
• Performs network and host analysis to determine severity and root cause of security events.
• Investigates Indicators of Compromise (IOCs) on public and private threat intelligence sources.
• Performs remediation actions and escalates events as needed.
• Documents investigation and response activities.
• Writes incident reports of actions performed and lessons learned throughout the investigation of a security event.
• Assists in the creation and modification of use cases, alerts, procedures, guidelines, and playbooks as needed to ensure effective detection and response to security events.
• Makes recommendations to improve security posture of systems, networks, and applications that contain sensitive data.

QUALIFICATIONS

• Ability to monitor and respond to security events based on guidelines and playbooks.
• Capability to perform network and host analysis.
• Experience with investigating Indicators of Compromise (IOCs).
• Skill in documenting and reporting on investigation and response activities.
• Knowledge of creating and modifying security operations related use cases, alerts, procedures, guidelines, and playbooks.

ELIGIBLE SERVICE BRANCHES

All Services

PROGRAM COST

0

OTHER

Moody AFBFort EisenhowerFort StewartHunter Army AirfieldMoody AFBRobins AFB