BE PART OF A BANK LIKE NO OTHER.
When you work with the world’s most innovative companies, you know you’re making a difference.
Our clients are the game changers, leaders and investors who fuel the global innovation economy. They’re the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.
They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.
Join us at SVB and be part of bringing our clients’ world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.
Job Description
The Cyber Security Operations Analyst will protect SVB by providing timely response to cyber security threats, incidents, and requests for investigation using industry leading tools and practices. The analyst will assist in the development of runbooks and processes to streamline the investigations and provide accurate and consistent documentation and response to security events. The analyst will continuously train to be apprised of emerging technologies, threats, attacks, and countermeasures.
Essential Job Functions
- Independently monitor and triage cybersecurity alerts in a case management system
- Identify opportunities to tune signatures and alerts and make recommendations to senior analysts
- Independently investigate, respond, escalate, and document findings for cybersecurity incidents with guidance from more senior analysts
- Review and provide quality control input for closed cybersecurity cases and incidents
- Work with various teams and stakeholders to mitigate cybersecurity incidents
- Follow documented processes independently and update runbooks and documentation accordingly
- Search for threat indicators based on targeted threat hunts provided by the cyber threat intelligence team
- Participate in continuous learning and department training exercises (tabletop, blue and purple team, etc.)
- Monitor events in cyber security instrumentation through direct access and central log management
- Participate in an on-call pager rotation for responding to high urgency alerts
Knowledge
- Cybersecurity best practices and trends
- Cybersecurity incident response lifecycle and methods
- MITRE ATT&CK Framework
- Cybersecurity risks and controls
- Networking and TCP/IP protocol
- Windows and Linux operating systems
- Cybersecurity architectures and methodologies (Defense in depth, Kill-Chain, NIST, OWASP, etc.)
- Amazon Web Services
- Indicators of compromise (IOC) and tactics, techniques, and procedures (TTP)
Skills
- Analyze application, system, and security logs from any log source
- Document forensic investigation and research findings
- Demonstrate clear written and verbal communication
- Work well independently without in-person supervision
- Collaborate with team members across separate geographic locations
- Work well under pressure of cybersecurity incidents
- Build relationships with individuals across the organization
Required Education & Experience
- Bachelor’s degree in a technical field (cybersecurity, information technology, computer science, computer engineering, etc.) or commensurate experience in a technical job role
- 1 or more years of technical experience, which could include internships, CTFs, cybersecurity clubs, etc.
Certifications (preferred, not required)
- Certified Information Systems Security Professional (CISSP) or Associate of (ISC)²
- Certified Cloud Security Professional (CCSP)
- Systems Security Certified Practitioner (SSCP)
- GIAC Security Essentials (GSEC)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Advanced Network Forensics (GNFA)
- CompTIA Security+
- CompTIA Advanced Security Practitioner+ (CASP+)
- Certified Ethical Hacker or Computer Security Incident Handler (CSIH)
- EnCase Certified Examiner (EnCE)
- Access Data Certified Examiner (ACE)
- AWS Cloud Certified Practitioner
- AWS Certified Solutions Architect or Associate
- AWS Security Specialty
© 2021 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license. Silicon Valley Bank is a member of the FDIC and the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group (Nasdaq: SIVB).
Equal Employment Opportunity
Silicon Valley Bank is an equal opportunity employer and is dedicated to expanding its commitments and investments to create a more diverse, equitable and inclusive company culture and innovation ecosystem. We are strongly committed to the values and policy of equal employment opportunity across our employment practices.
Silicon Valley Bank is registered in England and Wales at Alphabeta, 14-18 Finsbury Square, London EC2A 1BR, UK under No. FC029579. Silicon Valley Bank is authorised and regulated by the California Department of Business Oversight and the United States Federal Reserve Bank; authorised by the Prudential Regulation Authority with number 577295; and subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of our regulation by the Prudential Regulation Authority are available from us on request.