SOC Security Incident Responder

Temenos powers a world of banking that creates opportunities for billions of people and businesses everywhere. We do this through the pioneering spirit of 7500+ Temenosians who are passionate about making banking better, together.

We serve 3000 banks from the largest to challengers and community banks in 150+ countries. We collaborate with clients to build new banking services and state-of-the-art customer experiences on our open banking platform, helping them operate more sustainably.

At Temenos, we have an open-minded and inclusive culture, where everyone has the power to create their own destiny and make a positive contribution to the world of banking and society.

As our Security Incident Responder you will be part of a fast-paced Global SOC team and cover broad aspects of Temenos Cyber security monitoring and incident response operations. Working closely with SOC Manager and Cyber Security Engineers, the role is to help coordinate and report on cyber incidents affecting Temenos on-premises and Cloud infrastructure and Temenos application suite. This role requires strong technical analytical skills while providing accurate analysis of security-related problems and a well-rounded networking background. It also involves critical duties and responsibilities to be performed during crisis and contingency operations, which may necessitate extended hours of work.

• Responsible for working in a 24x7 Security Operation Center (SOC) environment.
• Participate in security incident response efforts, having knowledge of common security exploits, vulnerabilities and countermeasures.
• Digital forensics and malware analysis.
• Coordinate with Security System engineers and Threat Intel engineers to continuously improve the accuracy and efficiency of the Security monitoring and response process.
• Investigate, document, and report on information security issues and emerging trends that affect Temenos on-premises and Cloud based platforms.
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Technical expert and liaison to law enforcement and executive personnel and explain incident details as required.
• Write and publish cyber defense techniques, guidance, incident findings, and after-action reviews to constituents
• Propagates a risk based, business focused cyber security approach in all activities.
• Deliver regular and consistent KPI/KRIs on the security monitoring activities.
• Remain current on security industry events, threats and impacts on new technology.

• 5+ years of working experience in Security Incident Response.
• Security Operation Centers Experience.
• Strong knowledge of networking topologies and technologies, including firewalling, routing and switching, web traffic
• Strong knowledge of Operating Systems (Windows, Linux, UNIX)
• Solid understanding of current cyber-attack tactics/techniques and mitigation solutions.
• Experience with network and host-based intrusion detection and prevention systems
• Knowledge on one or more SIEM tools, such as Splunk, Sentinel.
• Previous experience in creating heuristic detections, correlation searches in SIEM tools (QRadar, Arcsight, Sentinel, Splunk, etc)
• Strong analytical skills.
• Security Incident Response knowledge
• Exposure to handling Security Centre alerts in cloud (Azure or AWS).
• Ability to communicate security issues to peers and management.
• Customer-oriented with a strong interest in client satisfaction.
• Industry certifications & qualifications from recognized training providers ISC2, ISACA, SANS, EC-Council can be a plus.