Information Security Analyst III (Remote)

Join to apply for the Information Security Analyst III (Remote) role at First Citizens Bank.

Overview
This is a remote role that may be hired in several markets across the United States.

Role Description
As an Incident Response Analyst, you'll be a member of the bank's Cyber Incident Response team. We seek an experienced analyst skilled in detecting and responding to threats, engaging with business stakeholders, and restoring operations. This technical role supports Threat Hunting, Intelligence, and Monitoring functions through content creation, threat analysis, detection recommendations, and colleague mentoring. Strong communication skills are essential to simplify complex issues for broader understanding and expedite incident management.

Responsibilities

1. Investigate SIEM/SOAR events; utilize malware analysis, network, and endpoint security expertise to respond to and contain incidents.
2. Respond to cloud-related incidents in Azure, AWS, and Google Cloud.
3. Lead incident investigations, coordinating mitigation and remediation efforts, liaising with technical and business stakeholders.
4. Ensure proper detection, documentation, investigation, and resolution of security incidents.
5. Support creation of countermeasures and mitigations post-incident.
6. Assist in threat hunting activities, especially following incidents, and develop countermeasures against evolving threats.
7. Provide recommendations for improving incident response processes and communication based on high-severity incidents.

Qualifications
Bachelor's Degree with 6 years of experience in Information Security OR High School Diploma/GED with 10 years of experience.

Preferred Qualifications

• Experience with cloud incident response in Azure, AWS, Google Cloud.
• At least 2 years of cloud administrative experience.
• Experience managing all aspects of incident response, including stakeholder management.
• Knowledge of MITRE ATT&CK framework and its application.
• Support building proactive threat hunting capabilities.
• Experience analyzing and escalating security events across systems, applications, networks, and email.
• Ability to translate threat techniques into mitigations using tools like Yara, Sigma, or regex.
• Strong project management skills to define security requirements and ensure timely responses.
• Participation in after-hours on-call rotations, cycling weekly.

Preferred Certifications

• SANS Cloud certifications such as GIAC Cloud Forensics Responder (GCFR).

The position's base pay ranges from $120,000 to $162,000, with actual starting pay based on skills, experience, and location. Total compensation may include bonuses, benefits, and other incentives. This posting remains active for 45 days unless extended or closed early.

Benefits are part of our total rewards package. More information can be found at https://jobs.firstcitizens.com/benefits.

• Seniority level: Not Applicable
• Employment type: Full-time
• Job function: Information Technology
• Industries: Banking and Financial Services

Referrals can double your chances of interviewing at First Citizens Bank. Get notified about new Security Analyst roles in Raleigh, NC.