Incident Management Specialist

Full time, remote, salary, W2, EST hours

Our client is a global leader in sustainable paper and packaging solutions.

The technology organization is transforming how they work at. They align with our businesses to deliver innovative solutions that:

• Address specific business challenges, integrate processes, and create great experiences

• Connect our work to shared goals that propel business forward in the Digital Age

• Imagine how technology can advance the way we work by using disruptive technology

We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology.

The Work:

• Lead cradle-to-grave incident response actions for declared incidents impacting the OT and IT environments ensuring a structured orchestration following the cyber technical incident response plan

• Collaborate with system and application owners in to coordinate containment and eradication activities in the OT and IT environments

• Perform malware analysis and deep-dive forensic examinations on endpoints, servers, network traffic and cloud environments to determine scope, impact, and threat actor actions

• Conduct post-incident analysis to confirm root cause, identify security gaps, and provide remediation recommendations

• Serve as a Tier III escalation point supporting 27/7 Global SOC operations to provide expert guidance and assistance with complex analysis and incident handling

• Collaborate with threat hunting and detection engineering teams to create and enhance detections based on observations and lessons learned from incidents

• Develop and maintain incident response playbooks, runbooks, and response workflows

What you need to succeed:

● Minimum of six (6) years of experience working directly in a Security Operations Center (SOC), or on a Computer Incident Response Team (CISRT) performing incident response supporting OT environments

● Proficient with security solutions and platforms (SIEM, EDR, NDR, SOAR, UEBA, IDS/IPS, SEG, TIP) ● Experience conducting Incident Response, Security Monitoring, Structured Threat Hunting, and Cyber Threat Intelligence in a complex global environment

● Experience performing Open-Source Intelligence (OSINT) research

● Cloud security experience (Azure, AWS) ● Proficient in Python or other programming languages for malware analysis, and scripting

● Bachelor’s Degree in Computer Science or a related field of study, or eight years of cybersecurity professional experience in lieu of a degree

Preferred Certifications:

● GIAC Certified Incident Handler – GCIH

● GIAC Certified Forensic Analyst – GCFA

● GIAC Certified Forensic Examiner- GCFE

● Certified Information Systems Security Professional – CISSP