Senior CIRT / Threat Intel Analyst
S&P Global
full-time
Location Type: Hybrid
Location: New York City • Maryland • New Jersey • United States
Salary
💰 $100,000 - $185,000 per year
About the role
- Coordinate and triage response to cybersecurity events and conduct forensic analysis across endpoints, networks, cloud, and SaaS.
- Integrate threat intelligence into investigations (e.g., enrich IOCs, map activity to MITRE ATT&CK, identify likely threat actors/TTPs, and assess potential impact).
- Understand the threat landscape through collaboration with industry peers, FS-ISAC, trust groups, and commercial/open-source intelligence, translating insights into actionable recommendations.
- Develop, maintain, and operationalize Incident Response playbooks and SOPs; include PIRs (Priority Intelligence Requirements), collection plans, and feedback loops to refine detections.
- Work closely with the SOC to investigate incidents and deliver containment, remediation, and root cause analysis; produce high-quality intel-informed incident reports.
- Create and tune detections (e.g., SIEM/SOAR, EDR) using intelligence signals (TTPs, behaviors, YARA/Sigma where applicable).
- Produce and present consumable intelligence outputs (e.g., flash alerts, threat overviews, executive briefs) tailored to technical and non-technical stakeholders.
- Contribute to vulnerability/threat surfacing (e.g., emerging CVEs, exploit trends) and advise on risk-based prioritization.
- Deliver actionable incident and hunting metrics to management; assess detection coverage and recommend improvements.
- Follow the end-to-end incident response lifecycle and support post-incident lessons learned with intelligence-driven enhancements.
- Build an understanding of key S&P technology, systems, and business practices to contextualize threats and drive pragmatic defenses.
- Participate in information-sharing activities (e.g., FS-ISAC submissions) in line with TLP and legal/compliance requirements.
Requirements
- Working knowledge of common cyber attacks, tools, and attacker tradecraft; ability to map activity to MITRE ATT&CK and articulate likely TTPs.
- Demonstrated experience handling security events in critical environments and applying intelligence to accelerate triage and response.
- Experience analyzing system, application, and cloud/SaaS logs to investigate security and operational issues; comfort enriching with IOCs and behaviours.
- Hands-on experience with a SIEM (Splunk preferred) for investigations, alert creation, reporting, and threat hunting.
- Ability to produce clear, actionable intel and incident reports, including executive-ready summaries and visuals.
- Familiarity with threat intel workflows: collection planning, source evaluation, indicator lifecycle, PIRs, TLP, and feedback loops to detections.
- Experience with one or more TIPs or intel data sources (e.g., MISP, OpenCTI, Recorded Future) and STIX/TAXII concepts.
- 3+ years of information security experience with a focus on incident response, threat hunting, or threat intelligence.
- Excellent communication skills for varied business and technical audiences; strong presentation skills.
- Comfortable working in a fast-paced environment; passion for cyber security.
- Advanced knowledge of network protocols (TCP/IP, HTTP) and operating systems.
Benefits
- Health & Wellness: Health care coverage designed for the mind and body.
- Flexible Downtime: Generous time off helps keep you energized for your time on.
- Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
- Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
- Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in-class benefits for families.
- Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity, forensic analysis, incident response, threat intelligence, SIEM, threat hunting, network protocols, operating systems, cloud/SaaS logs, MITRE ATT&CK
Soft Skills
communication skills, presentation skills, collaboration, analytical thinking, problem-solving, adaptability, attention to detail, actionable reporting, stakeholder engagement, passion for cybersecurity