This is a hands-on incident response role for someone who likes being first on the scene when something looks off. You will monitor, investigate, and respond to threats that target an established financial institution and its members, sharpening your skills across the full security stack as the program grows.
ABOUT THE COMPANY
Our client is a well-established, member-focused financial institution with deep roots in the North Carolina communities it serves. The organization is investing in its cybersecurity program and modernizing its technology, and this role sits on a tight-knit security team where hands-on work drives the day. Your perspective on detection, response, and continuous improvement will help shape where the program goes next.
WHY YOU'LL LOVE THIS ROLE
- Own incident response end to end, from triage and investigation through containment, eradication, and recovery, where your work directly protects members and teammates.
- Do real, hands-on security operations work, not paperwork from the sidelines.
- Sharpen detections, build playbooks, and bring your ideas to a security program that is actively evolving.
- Partner with internal teams and an MDR provider, gaining broad exposure across the security stack.
- Help build out a growing cybersecurity program, with the chance to influence how the team and its tools mature over time.
- Work for an organization with deep community roots and a genuine investment in the growth of its people.
WHAT YOU'LL DO
- Monitor security tooling such as SIEM, EDR, email and web security, and firewall and VPN logs, and triage alerts to determine scope, severity, and response actions.
- Investigate suspicious activity by analyzing logs and telemetry, correlating events across systems, and documenting findings in tickets and incident records.
- Execute containment, eradication, and recovery in partnership with IT and application teams, including isolating hosts, blocking indicators, and supporting remediation.
- Collect and preserve incident evidence and support forensic activities while maintaining chain-of-custody expectations.
- Develop and improve incident response playbooks and procedures, and participate in tabletop exercises and post-incident reviews.
- Tune detections and reduce false positives by partnering with tool owners, and support vulnerability response by validating exposure and tracking remediation.
- Leverage frameworks such as MITRE ATT&CK to perform light, hypothesis-driven threat hunting and validate control effectiveness.
WHAT YOU BRING
- 3 to 5 years of experience in information security, SOC operations, or incident response, including hands-on investigation and response to security events.
- Bachelor's degree in a related field, or equivalent hands-on experience.
- Hands-on incident response knowledge across triage, investigation, containment, eradication, and recovery, with the ability to follow and improve playbooks.
- Ability to analyze security telemetry such as Windows and Linux, firewall and VPN, DNS, proxy, and authentication logs using SIEM and EDR tools to identify indicators of compromise and tune detections.
- Working knowledge of networking fundamentals used in investigations, including TCP/IP, DNS, HTTP/S, routing, and VPN, plus common attacker techniques and identity and access concepts such as MFA and privileged access.
- Strong problem-solving, analytical, and communication skills, with sound judgment under pressure and the ability to explain security concepts across the business.
- Familiarity with regulatory expectations for financial services, such as GLBA, NCUA and FFIEC guidance, PCI DSS, and Sarbanes-Oxley as applicable.
- Must be able to pass an extensive background check and a post-offer, pre-employment drug screen.
BONUS POINTS IF YOU HAVE
- Professional certifications such as Security+, CySA+, GCIH, or GCIA.
- CISSP or CCSP certification.
- Offensive security certifications such as OSCP or other OffSec and Kali-based credentials.
- Experience participating in an incident response on-call rotation in an enterprise environment.
- A background in banking, credit unions, fintech, or other financial services environments, along with familiarity with the FFIEC examination framework.
ABOUT CATCH TALENT
Catch Talent is a high-touch recruiting agency that delivers end-to-end talent acquisition solutions to growing technology, digital media, and professional services companies. Headquartered in Charleston, SC, Catch brings decades of technical recruiting expertise to local and national clients and offers a full range of flexible solutions, including direct placement hiring, recruitment process outsourcing, and contract and contract-to-hire models. Learn more at catchtalent.com.
Catch Talent provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.