Vice President, Information Security

Location: Dublin.

Work Schedule: Sunday to Thursday, 09.00 – 17.00 GMT.

• 
  
• Lead triage and investigation of security alerts, escalating and coordinating incident response as needed.
  
• Perform root cause analysis, scope affected assets, and drive containment, eradication, and recovery.
  
• Correlate events across SIEM, EDR, IDS/IPS, firewalls, cloud logs, and identity platforms to identify true positives and reduce false positives.
  
• Develop, refine, and maintain SOC playbooks, runbooks, and detection logic aligned to the MITRE ATT&CK framework.
  
• Mentor junior analysts and provide guidance on investigation techniques, documentation standards, and operational best practices.
  
• Coordinate with Threat Intelligence to enrich investigations, track adversary TTPs, and proactively hunt for indicators of compromise.
  
• Partner with Engineering teams to tune detections, improve log fidelity, and strengthen preventive controls.
  
• Create clear, actionable incident reports and executive summaries; contribute to metrics and trend analysis.
  
• Support purple team exercises and post-incident reviews to capture lessons learned and drive continuous improvement.
  
• Ensure adherence to regulatory and security policies; maintain audit‑ready documentation for investigations and incidents.
  

• 
  
• Experience in a SOC, incident response, or threat detection role, including Tier 2/3 investigations.
  
• Advanced proficiency with SIEM (e.g., Splunk, QRadar, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and SOAR platforms.
  
• Strong knowledge of network security, Windows/Linux, identity systems, and common cloud logging sources.
  
• Hands‑on experience with the MITRE ATT&CK framework, threat hunting, IOC/IOA development, and detection tuning.
  
• Demonstrated ability to lead complex incidents, coordinate stakeholders, and communicate clearly under time pressure.
  
• Scripting or automation experience (e.g., Python, PowerShell) for investigation enrichment and workflow improvements.
  
• Familiarity with NIST CSF/800‑61, CIS Controls, and common regulatory requirements impacting incident response.
  
• Excellent documentation skills and an evidence‑driven approach to investigations.
  

• 
  
• Relevant certifications: GCIA, GCED, GCIH, GCFA, GNFA, CISSP, CCSP, or equivalent experience.
  
• Experience with ticketing and case management systems (e.g., ServiceNow) and knowledge‑management practices.
  
• Prior experience with threat intel platforms, sandboxing tools, and malware triage is a plus.
  

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay‑for‑performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

We are an Equal Employment Opportunity/Affirmative Action Employer. xcfaprz We encourage applications from Underrepresented racial and ethnic groups, Females, Individuals with Disabilities, and Protected Veterans.