Calling all innovators - find your future at Fiserv.
We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
Job Title
Cybersecurity Incident Responder
About your role:
As a member of Fiserv’s Cybersecurity Incident Response Team (CSIRT), you will be responsible for commanding the investigation, analysis, containment, and remediation of cybersecurity incidents across the global enterprise environment. You will be the primary escalation point for Tier 1 analysts and accountable for validating, investigating, and responding to confirmed security incidents in accordance with established cyber incident response procedures. The successful candidate will perform advanced analysis of network traffic, endpoint activity, and log data, correlate findings across multiple sources, rapidly driving containment and mitigation actions.
What you will do?
- Lead investigation and response activities for confirmed and escalated cyber security incidents in accordance with established playbooks and service level targets.
- Perform analysis of suspicious activity across endpoint, network, identity, email, cloud, application, and system log sources.
- Analyze, investigate, and correlate data from SIEM/SOAR, EDR, firewall, proxy, intrusion detection/prevention, email security, and other monitoring platforms to drive accurate incident response.
- Document investigations, findings, actions taken, and escalation details in the case management system with clear, complete, and timely notes. Create full summary reports of events of interest to drive after action and lessons learned activities.
- Follow shift handoff procedures and communicate open issues, emerging threats, and significant events to team members and incident handlers.
- Contribute to continuous improvement by identifying recurring false positives, process gaps, and opportunities to improve alert quality, runbooks, and analyst efficiency and perform live response activities, including remote and onsite system analysis and evidence collection.
- Drive containment, eradication, and recovery actions in coordination with infrastructure and technology teams.
- Collaborate with Tier 1 analysts to improve detection and response capabilities and provide guidance on escalation quality and partner with security engineering teams to ensure effective operation and tuning of security tools and detection capabilities.
What you will need to have:
- 3–6 years of experience in cyber security operations, incident response, security monitoring, IT operations, networking, or a related enterprise technology environment.
- Proven experience handling and responding to cyber security incidents in a SOC or CSIRT environment.
- Direct experience with security technologies such as SIEM, EDR, IDS/IPS, email security, firewalls, proxy tools, or case management platforms is preferred.
- Strong knowledge of incident response processes, investigative techniques, threat indicators, and attack methodologies.
- Hands-on experience with log analysis and forensic investigation techniques.
- Ability to prioritize work, manage multiple active incidents, and make sound decisions in a fast-paced, high-impact operational environment.
- Strong critical thinking skills, puzzle-solving ability, and an investigative mindset to analyze complex activity, connect related indicators, and identify root cause and scope of incidents.
- Bachelor’s degree in cyber security, information technology, computer science, or a related field preferred; equivalent practical experience
What would be great to have:
- Industry certifications such as GCIH, GREM, GCFA, GCFE, CISSP, CEH, CISA, Security+, or similar advanced cyber security certifications.
- Experience with scripting or programming languages to support automation, analysis, or incident response activities.
How you’ll work
- This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experiences help you with your overall onboarding experience and leads to stronger productivity.
Travel
- Approximately 10% travel off-site or to other office locations is expected.
Sponsorship
- You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered.
#LI-RM1
Salary Range
$110,000.00 - $186,000.00
These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company’s sole discretion.
Thank you for considering employment with Fiserv. Please:
- Apply using your legal name
- Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
Our commitment to Equal Opportunity:
Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.
If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contact AskHR.US@fiserv.com. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv’s Disability Accommodation Policy for additional information.
Note to agencies:
Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.
Warning about fake job posts:
Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.
