Cyber Incident Response, Recovery & Investigations (Senior Associate)

A global financial institution is seeking a Senior Associate – Cyber Incident Response, Recovery & Investigations to join its cybersecurity team.Responsibilities:- Drive process standardization and documentation to ensure consistent and scalable incident response operations. Develop and document procedures to continuously improve the enterprise incident response plan- Develop, manage, and maintain all global IR playbooks and protocols- Systematically and globally build and operate incident response management protocols- Respond to cyber incidents outside of standard Japan working hours- Act as a liaison between various business units and collaborate with other team members and colleagues across different security teams. Manage relationships with business partners, senior management, vendors, and external stakeholders as needed- Promote integration with other enterprise incident management programs and ensure consistency and alignment with IT and CISO teams- Lead small to medium-scale projects as directed by senior leadership- Develop and provide metrics upon request to leadership- Draft clear and ready-to-use communications, ensuring timely reporting and updates to leadership during and after incidents- Own and maintain the team’s internal action handbook and knowledge base- Participate in after-hours incident response duties on a rotating basis with other team members- Investigate root causes and solutions to resolve security incidents- Analyze investigation findings and prepare fact-based reports- Identify and clearly define areas for improvement, and support activities that apply lessons learned- Communicate effectively—both verbally and in writing—with a wide range of stakeholders- Demonstrate integrity and sound judgment in a professional environment- Approach analysis and reviews with curiosity and attention to detailRequired Skills:- At least 5 years of hands-on experience in any of the following areas: SOC (Security Operations Center) Analyst, CSIRT (Cyber Security Incident Response Team), DFIR (Digital Forensics and Incident Response),- Minimum 5 years of experience in monitoring alerts/logs and identifying potential security incidents- Minimum 5 years of hands-on experience using security monitoring tools such as: SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), IDS (Intrusion Detection System), IPS (Intrusion Prevention System)Why should you apply: - You will be part of a Global IT team to be part of winning asset banking- Diverse environment (Good mix of female and male management team, international)- Stable environment- First-hand experience on high level digital transformationCompany Details: Headquartered in Tokyo with offices in Hong Kong, London, and New York, it is Japan's largest securities firm, employing approximately 26,000 staff worldwide and offering a full range of equity, fixed income, foreign exchange, and other investment products and services.Working Hours: 08:40 – 17:40Workstyle: By principle, it will be 1 day working in office, 4 days working from home (Depending on nature of the job, it will be decided by department head) Holidays: Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special HolidaysBenefits: Social insurance, pension, transportation, etc.Interview Process: 3~5 roundsID: EC485833