Incident Response Engineer

Zions Bancorporation – West Valley City, UT

Zions Bancorporation, a premier financial services company, is seeking a highly motivated individual to fill a role as a Senior Incident Response Engineer.

This role is responsible for understanding the organization’s IT infrastructure to ensure sensors and data collectors are distributed to provide an appropriate level of visibility of network, system, and application activity. Working within the Cybersecurity Operations Center, the Incident Response Engineer will analyze data and monitor various tools to detect, respond to, and provide notifications on abnormal or malicious activity; recommend and implement mitigation strategies; and carry out post-incident activities, such as root cause analyses and post-incident reports.

As a senior member of the Bancorp-wide Security Incident Response Team, the Senior Incident Response Engineer will assist the CSOC Manager in reviewing and updating the Incident Handling Procedures and Incident Response Playbooks on a periodic basis.


Requires a Bachelor’s in Information Technology, Computer Science, Business or a related technical field and 8+ years of experience in Security Operations, Incident Response, Security Architecture, supporting Information Security infrastructure or a combination of the two or other directly related experience. A combination of education and experience may meet qualifications.

Employs advanced knowledge, as a generalist or specialist, of computer networking concepts and protocols, network security methodologies, how traffic flows across the network, and traffic analysis methods.

Advanced working knowledge of cybersecurity principles used to manage risks related to the use, processing, storage and transmission of information or data, cyber threats and vulnerabilities, incident response and handling methodologies.

Working knowledge of intrusion detection methodologies and techniques for detecting intrusions via intrusion detection technologies.

Ability to use network management tools to analyze network traffic patterns.

Ability to tune sensors and to read and interpret signatures.

Advanced system, network, and OS hardening techniques.

Ability to troubleshoot and diagnose cyber defense infrastructure anomalies and work through resolution.

Ability to assess current tools to identify needed improvements.

Ability to write and understand scripting languages (e.g., R, Python, HIVE, SQL, Ruby, Perl, etc.) and use of security event correlation tools.

Advanced working knowledge of common attack vectors, different classes of attacks (e.g., passive, active, insider, close-in, distributed, etc.) and general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.).

Advanced knowledge of system administration concepts for Unix/Linux and Windows Operating Systems.

Excellent problem resolution and root cause analysis techniques.

Strong customer service and communication skills, both written and verbal.

Ability to work independently in a complex, sophisticated technical environment.

Extensive experience with Security Information and Event Management (SIEM) tools.

Advanced understanding of Forensic Analysis methodologies.


Work Locations

Utah-West Valley City-UT – Salt Lake Service Center

UT – Salt Lake Service Center

2200 South 3270 West

West Valley City



