Lead Security Analyst – Incident Response

About The Position

Requirements

• 7-10+ years in Information Security.
• 5+ years in Incident Response.
• Strong analytical skills including the ability to assess the severity and impact of a security incident.
• High level of technical expertise in information security, including familiarity with penetration and intrusion techniques and attack vectors.
• Demonstrated ability to collaborate effectively with operational teams and third-party MSSP.
• Excellent investigative skills and insatiable curiosity.
• Ability to demonstrate strong computer knowledge of network protocols, desktops, servers, cloud and software as a service technology.
• Experience with Security Information and Event Management (SIEM) platforms, next generation firewalls, email security platforms, Endpoint detection and response technologies, Data Loss Prevention Software, Web Proxies, and Web Application Firewalls.
• Familiarity with common scripting languages like Python and/or Powershell.
• Strong problem-solving and troubleshooting skills.
• Strong written and verbal communication skills.

Nice To Haves

• Instinctive and creative, with an ability to think like the enemy.
• Self-motivated and able to work independently.

Responsibilities

• Perform cybersecurity incident response including security event analysis, incident handling, reporting, and threat analysis.
• Coordinate with Campbell’s third-party Managed Security Services Provider (MSSP), internal information technology teams and other parties during cybersecurity events or incidents.
• Analyze and triage events, anomalies, and incidents to ensure appropriate identification of risk to company systems and information.
• Lead, oversee and participate in the forensic analysis of cybersecurity incidents.
• Communicate and coordinate response efforts with various stakeholders to mitigate the impact of a security or privacy breach.
• Prepare situation reports, escalate to leadership, and perform root cause analysis.
• Develop and report KPIs to enable continuous improvement of information security risk management controls.
• Share lessons learned from incident response and threat hunting to strengthen detection and response capabilities.
• Assess existing detection and response capabilities and provide recommendations for improvement.
• Leverage security orchestration (SOAR) to automate security response procedures.
• Maintain and enhance security monitoring and incident response procedural documentation.
• Proactively seek to uncover indicators of compromise that will identify whether Campbell’s systems have been breached.
• Collect and aggregate threat intelligence from various sources and assess for relevance to Campbell’s environment.

Benefits

• Medical, dental, short and long-term disability, AD&D, and life insurance.
• Matching 401(k) plan with immediate vesting.
• Unlimited sick time along with paid time off and holiday pay.
• Free access to the fitness center at WHQ.
• Access to on-site day care and company store.
• Employee donation matching program through 'Campbell’s Cares'.
• Variety of Employee Resource Groups (ERGs) to support employees.