Are you passionate about the chance to bring your experience to a world-class company that is market-leading for both content and technology? If yes, we are looking for you!

Join our team! Thomson Reuter's Incident Response (IR) team is seeking a motivated and experienced Senior Incident Response Analyst to support our Corporate Global Cyber Security efforts. In this challenging and rewarding role, you will lead the coordination of tactical incident management activities and drive the execution of the function's maturity activities, such as improvements to our cross-functional security incident management processes.

We are looking for an individual with strong organizational and process management skills who can work in high-stress situations while communicating clearly & effectively to technical and business stakeholders.

About the Role  

In this opportunity as a Senior Incident Response Analyst, you will:

• Support incident management coordination through its lifecycle, from activation of the appropriate cross-functional partners through closure.
• Engage partners during incident management calls to ensure they have a clear understanding of the incident, its action plan and path to resolution, and their role in the process.
• Manage all applicable incident collateral, including executive communications and reports.
• Partner with other security teams to identify and drive cross-functional process improvements.
• Assess overall incident management & response capabilities to develop and drive process improvements.
• Operate as part of a 24x7 global incident response team with an understanding and flexibility to work off-hours when necessary.
• Advise leadership on strategies to improve security operations and proactively thwart intrusion attempts
• Define risk, analyze potential threats, and lead process improvement initiative
• Work with a diverse team of security professionals to address complex issues and tasks in a fast-paced environment.

About You:

You're a fit for the role if your background includes:

• Have obtained a bachelor's degree or equivalent experience - a degree in an Information Technology or Systems related subject area is preferred but not required.
• Have 3+ years of experience supporting and leading processes or programs in Information Technology or Security.
• Experience with tools like Kape, Encase, Axiom, FTK, XWays or just disk/memory forensics. 
• Have solid organizational and critical-thinking skills and demonstrate close attention to detail and care in your work.
• Are effective written and oral communicators.
• Have the ability to learn and operate in a dynamic environment, comfortable with ambiguity and fast turn-around times.
• Exhibit good interpersonal skills and can influence/execute across multiple stakeholder groups.
• Are a quick learner and have a demonstrated ability to distill complex information into quickly digestible reports & presentations for executives.
• Are comfortable with a flexible schedule, including working off-hours and weekends if necessary.
• Ability to learn and operate in a dynamic environment 
• Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and to learn and adapt quickly 
• Strong oral and written communication skills
• A Strong desire to develop into a Cybersecurity subject matter expert with an initial focus on the incident response domain 

Desired knowledge or experience:

• SANS GIAC, CompTIA Security+ CE, or similar professional security certifications
• Experience with ServiceNow or similar service management/ticketing systems
• Experienced with processes, tools, and techniques in incident response and forensic investigations
• Experience using event escalation and reporting procedures 
• Experience supporting Network Investigations 
• Understanding TCP/IP communications & knowledge of how standard protocols and applications work at the network level, including DNS, HTTP, and SMB
• Understanding of standard security controls for Windows, Linux, and network equipment
• Strong knowledge of cyber investigations, containment, gathering of artifacts, and case management