Cybersecurity SOC Analyst

Calling all innovators – find your future at Fiserv.

We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

As a member of Fiserv’s Cybersecurity Incident Response Team (CSIRT), the Cybersecurity SOC Analyst supports investigation and response activities for cybersecurity events across the global enterprise environment. This role focuses on the preliminary identification, triage, and analysis of potential cyber security incidents. The successful candidate will review suspicious emails, analyze logs, investigate network traffic and endpoint activity, and escalate confirmed incidents to Tier 2 incident handlers. This role offers the opportunity to work alongside experienced incident analysts and handlers while contributing to global cyber security operations and initiatives.

Candidates should have a foundational understanding of incident response processes, investigative techniques, and current cyber security threats and trends.

This position requires the ability to work a shift which includes work on holidays, nights, & weekends.

Candidate must be available to work a fixed, shifted 5 day week, either Sunday through Thursday or Tuesday through Saturday. Shift will be either during the day or evening.

• Monitor and triage security alerts and events generated by enterprise security tools, escalating validated or high-risk activity in accordance with established playbooks and service level targets.
• Perform initial investigation of suspicious activity across endpoint, network, identity, email, cloud, application, and system log sources.
• Analyze and investigate data in the SIEM/SOAR that originated from EDR, firewall, proxy, intrusion detection/prevention, email security, and other monitoring platforms to determine severity, impact, and required response actions.
• Document investigations, findings, actions taken, and escalation details in the case management system with clear, complete, and timely notes.
• Follow shift handoff procedures and communicate open issues, emerging threats, and significant events to team members and incident handlers.
• Contribute to continuous improvement by identifying recurring false positives, process gaps, and opportunities to improve alert quality, runbooks, and analyst efficiency.

• Experience in cybersecurity operations, incident response, security monitoring, IT operations, networking, or a related enterprise technology environment.
• Bachelor’s degree in cyber security, information technology, computer science, or a related field preferred; equivalent practical experience may be considered.
• Ability to support a 24x7x365 operating model, including day, evening, weekend, or holiday shifts as assigned.
• Foundational knowledge of network protocols, operating systems, enterprise architecture, and common log sources used in security investigations.
• Basic understanding of incident response processes, alert triage, threat indicators, and cyber security attack techniques.
• Strong analytical, written, and verbal communication skills with the ability to document findings clearly and accurately.
• Ability to prioritize work, follow documented procedures, and make sound decisions in a fast-paced operational environment.
• Self-motivated, detail-oriented, and able to collaborate effectively as part of a cross-functional team in a fast-paced, high-impact operational environment.
• Strong critical thinking skills, strong puzzle-solving ability and an investigative mindset to analyze complex activity, connect related indicators, and identify potential security incidents.

• Industry certifications such as CompTIA Security+, CySA+, CEH, GCIH, or similar foundational cyber security certifications.
• Experience with scripting or programming languages to support automation, analysis, or incident response activities.
• Direct experience with security technologies such as SIEM/SOAR, EDR, IDS/IPS, email security, firewalls, proxy tools, or case management platforms is preferred.

Thank you for considering employment with Fiserv.  Please:

• Apply using your legal name
• Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

Our commitment to Diversity and Inclusion:

Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. 

Note to agencies:

Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.