Cyber Security Operations Engineer

WHAT YOU WILL BE DOING:

As a Cyber Security Operations Engineer III you will play a pivotal role in our organization's cybersecurity efforts. You will be responsible for leading and executing complex cyber security operations and Incident Response initiatives to safeguard our systems and networks against advanced threats. Working closely with cross-functional teams, you will provide expert-level guidance to junior analysts and other teams within the organization.

PRIMARY DUTIES AND RESPONSIBILITIES:

• Develops and operates enterprise security services such as continuous cyber security operations, incident response, cyber monitoring, threat hunting, or digital forensics.

• Uses security tools and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures.

• Performs advanced analysis on collection of cyber threats using high-level proactive and reactive threat hunting methods.

• Ensures that security controls are developed, managed and maintained.

• Leads and participates in Incident Response efforts.

• Conducts business impact analysis to ensure resources are adequately protected with proper security measures.

• Assesses threats regarding information assets and recommends the appropriate information security controls and measures.

• Actively supports junior analysts with security event monitoring to uncover possible security violations (e.g., breaches, unauthorized activity).

• Participates in on-call rotation (including weekends) to ensure continuous operations.

• Participates in internal incident response exercises and drills.

• Conducts knowledge transfer training sessions to Security Operations team upon technology implementation.

• Develops, reviews, follows, and implements new runbooks and standard operating procedures for Cyber Operations activities.

Must have:

• A Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems or other related field, or equivalent work experience

• 5-7 years of combined IT and security work experience with a broad range of exposure to cybersecurity functions

• Hands-on extensive experience and proficiency performing cyber security investigations with the following security tool categories: SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus

• Deep understanding of cyber security industry frameworks (e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Killschain, etc.)

• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English

• Experience in tuning, and assessment of security detection policies in cyber tools

• Experience in leading major incident breach response activities.

• Ability to develop new, and follow existing operating procedures and runbooks

• Highly skilled in technical incident report writing and maintenance of document and evidence repositories

Nice to have:

• Fluency in other languages i.e. Turkish; Spanish; French; Lithuanian;

• Security certification (i.e. Certified Information Systems Security Professional (CISSP) or equivalent

• Expertise in one or more of the following functional areas: Digital Forensics, Threat Hunting

• Experience in developing cybersecurity tabletop scenarios

• Experience in Python, PowerShell, Bash or any other scripting languages

• Prior experience in developing detection rules and SOAR playbooks

What Cencora offers

We offer a competitive annual bonus, life insurance from Day 1, a best-in-class health insurance package, and up to 6 fully paid benefit days a year. As a Cencora employee, you have the benefit of our referral bonus scheme, our boundless learning opportunities and our global Employee Assistance Program. We have a wonderful office location in Quadrum, equipped with everything you need for a small break at work and fresh snacks at all times. Become part of our purpose-driven, multicultural team now and help us create healthier futures.

Schedule

Affiliated Companies: