This job posting isn't available in all website languages
Information Security
Enterprise Technology Operations
061603 Requisition #

Zions Bancorporation’s Enterprise Technology and Operations (ETO) team is transforming what it means to work for a financial institution. With a commitment to technology and innovation, we have been providing our community, clients and colleagues the best experience possible for over 150 years. Help us transform our workforce of the future, today.


We are currently seeking a Senior Cyber Incident Response Engineer as part of our Enterprise Information Security department.  Enterprise Information Security (EIS) is integrated with the Enterprise Technology and Operations division (1100+ technical people) at Zions Bancorporation.  EIS is responsible for enabling secure innovation and business growth for 10,000+ employees across 11 states. EIS is undergoing rapid growth and we are focused on creating a relevant program that will enable our organization’s long-term success. What’s great about our department is that we laugh with each other, have Executive and Board level visibility and support for our work, and are driving highly visible, enterprise-wide initiatives. We are focused on creating business value and are seeking like-minded professionals to join our team! 


The Senior Cyber Incident Response Engineer will join our CSOC Team.  The Cybersecurity Operations Center (CSOC) team is the cyber front line at Zions Bancorporation. If you want to work on a team where your input matters, you get to collaborate with sharp colleagues with whom you will grow, where your work is truly valued and you make a real difference, then you will be in good company.


As a Senior Cyber Incident Response Engineer you will play a key role in defending the enterprise from malicious actors. The work you do has real impact customer-wide and enterprise-wide and it is truly valued by both.


The Senior Cyber Incident Response Engineer will:

  • Act as key contributor in the CSOC’s growth and evolution, actively improving our cyber incident response capabilities
  • Respond to cybersecurity incidents, especially as an escalation point for high-priority or highly complex incidents
  • Function as subject matter expert in multiple cybersecurity tools and processes such as SIEM, IDS, EDR, DLP, WAF and similar
  • Develop and implement monitoring use cases, cyber incident response procedures, playbooks and other technical documentation
  • Collaborate with Enterprise Cybersecurity Architecture and technology teams in monitoring and alerting infrastructure, processes, and tools
  • Train, mentor and guide other team members (across both the CSOC and other EIS teams) on cyber incident response practices, tooling, and capabilities
  • Participate in the on-call rotation so we can maintain 24/7 coverage in responding to alerts and possible threats
  • Other duties as assigned



  • Hands-on technical experience with one or more commercial SIEM products such as Splunk (preferred), IBM QRadar, LogRhythm, ArcSight, NetWitness, etc., which should include familiarity with defining and writing alert conditions/use cases in addition to daily use for investigating incidents
  • Experience producing technical documentation, standard operating procedures, and incident response playbooks
  • Expert technical knowledge in networking, Windows administration, Linux administration, common attack techniques and preventions
  • Advanced working knowledge of common attack vectors, different classes of attacks (e.g., passive, active, insider, close-in, distributed, etc.) and general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation or privileges, maintaining access, network exploitation, covering tracks, etc.)
  • Advanced knowledge of system administration concepts for UNIX/Linux and Windows operating systems
  • Development experience with scripting languages such as R, HIVE, Python, JavaScript, etc., is a plus
  • Experience with any Endpoint Detection and Response platform is a plus
  • Relevant advanced technical certifications are a plus (ex: SANS, ISC2)A Bachelor’s in Information Technology, Computer Science, Information Systems, or a related technical field plus 5+ years of relevant experience in one or more technical cybersecurity domains (combination of education and experience, such as 6-8 years of relevant experience or equivalent education may meet qualifications)




This position can be located 100% remote within the United States or located at the Zions Technology Center in Midvale, UT


Pay Range:

$130K - $170K (based upon relatable skills and experience)



  • Medical, Dental and Vision Insurance - START DAY ONE! 
  • Life and Disability Insurance, Paid Parental Leave and Adoption Assistance
  • Health Savings (HSA), Flexible Spending (FSA) and dependent care accounts
  • Paid Training, 20 days of Paid Time Off (PTO) and 11 Paid Federal Holidays
  • 401(k) plan with company match, Profit Sharing, competitive compensation in line with work experience
  • Mental health benefits including coaching and therapy sessions
  • Tuition Reimbursement for qualifying employees
  • Employee Ambassador preferred banking products
  • Employees may, at the company’s discretion, be eligible to receive a cash bonus award



Apply now if you have a passion for impactful outcomes, enjoy working collaboratively with co-workers, and want to make a difference for the clients and communities we serve.




To review our Benefits Summary click here.

If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to the instructions below.

Applicants Requesting Accommodations: If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access our career site.  You can request reasonable accommodations by contacting us at careers@zionsbancorp.com or 801/844-7628.  Please email your resume/cover letter, indicate what position you are interested in and include "Accommodation needed" in the subject line to ensure your information is routed to the appropriate contact.

Zions Bancorporation, National Association prohibits illegal discrimination and reaffirms its policy of providing Equal Employment Opportunity (EEO), by extending equal employment and advancement opportunities to all employees and applicants for employment, without regard to race, color, religion, age (40 and over), sex, pregnancy, gender, disability, national origin, ethnic background, citizenship, protected veteran status, military service, sexual orientation, gender identity, genetic information or any other characteristic protected by applicable federal, state or local law.

It is the Company’s policy not to discriminate because of a person’s relationship or association with a protected veteran. This includes spouses and other family members. Also, Zions will safeguard the fair and equitable treatment of protected veteran spouses and family members with regard to all employment actions and prohibit harassment of applicants and employees because of their relationship or association with a protected veteran.


Click here to view our EEO Statement.

Click here to view applicable Federal, State and/or local employment law posters.

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Enterprise Technology Operations

Midvale, Utah, United States

📁 Information Security

Requisition #: 061696

Enterprise Technology Operations

Midvale, Utah, United States

📁 Information Security

Requisition #: 061491

Amegy Bank a division of Zions Bancorporation, N.A. Member FDIC