Cybersecurity Incident Management Analyst

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services.  Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results.  We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions.  Join our dynamic team and make your mark on the payments technology landscape of tomorrow. 

Global Payments is a leading payments technology company delivering innovative software and services to customers globally. Headquartered in Georgia with approximately 27,000 team members worldwide, they are a Fortune 500® company and a member of the S&P 500 with worldwide reach spanning North America, Europe, Asia Pacific and Latin America.

This role is an opportunity to work in an exciting, fast paced and complex industry in our Security Operations organization, and will play a vital role in the day to day management of critical security incidents and post incident activities. 

As part of the Global Cybersecurity Incident Management (GCIM) team you will coordinate containment, eradication and post-incident activities for critical cyber security incidents. You will play a key role in the Incident Response Team (IRT) overseeing, validating and documenting containment and then working through post-incident and lessons learned. You will work closely with the Global Security Operations Center (GSOC) on incident response activities to protect,  enhance and secure the security posture of the enterprise. Following security incident closure you will be responsible for engaging with key stakeholders for any Root Cause Analysis (RCA) and post-incident activity, ensuring we have reduced the chances of incident recurrence and assessed the efficiency of our incident response techniques and procedures.

What Part Will You Play?

• Coordinate incident handling in line with the corporate security incident response plan.

• Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis and the tracking of actions to prevent incident recurrence.

• Provides 24x7 on-call incident management support on rotation for critical security incidents.

• Stays up to date with new and emerging threats that can affect the organisation’s information assets, third party software/solutions, IT configuration changes, and network/system.

• Provides executive level written communication during incident response for inquiries related to security incidents or assigned cases.

• Collaborates with vulnerability management and development teams to ensure timely remediation of vulnerability findings reported through the Bug Bounty Program or where rapid vulnerability remediation is required leveraging incident management procedures

• Works closely with Risk Management teams to document identified risks and issues highlighted through post-incident or root cause analysis activities.

• Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework).

• Collaborates with Legal and Privacy Offices throughout the company on critical data protection/security incidents.

• Participates in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post incident activities and lessons learned.

• Maintain and follow runbooks for day-to-day incident response activities in line with the corporate security incident response plan.

What Are We Looking For in This Role?

Minimum Qualifications

• Relevant Experience or Degree in: Bachelor’s degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field.

• Typically Minimum 2 Years Relevant Experience with Incident Management and/or Information Security

• Knowledge of network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices, Cloud Technologies.

Preferred Qualifications

• ITIL V4

• Professional security certifications such as CompTIA Security+/ Cybersecurity Analyst+, or Systems Security Certified Practitioner (SSCP), or  CISM(Certified Information Security Manager), or CISA(Certified-Information-Systems-Auditor), or GSEC (GIAC Security Essentials), or GCIH (GIAC Certified Incident Handler)

• Knowledge of industry standard security compliance programs PCI (Payment Card Industry), GDPR (General Data Protection Regulation), NIST Cyber Security Framework etc.)

• Cloud Knowledge or certifications such as Google Cloud Fundamental or AWS Foundations

• Experience working in Google Workspace and JIRA

What Are Our Desired Skills and Capabilities?

• Strong verbal and written communication skills.

• Demonstrated ability to effectively communicate ideas and persuade others to accomplish challenging goals and objectives.

• Ability to facilitate meetings and enable discussions that lead to resolution and communicate results.

• Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues.

• Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgement within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships.

• Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments.

• Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.

• Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact [email protected].