Senior CERT Analyst (experienced level professional)

About The Position

Requirements

• A solid record of accomplishment for security incident response including leading cyber crisis response, providing security expertise, leading and prioritizing multiple incident workstreams.
• Capable of defining new procedures and applying best in class security practices.
• Strong knowledge of the cyber kill chain and MITRE ATT&CK for investigation and reporting.
• Hands-on expertise with network forensics and malware identification / eradication.
• Ability to analyze data from cyber defense tools (e.g., SIEM/EDR, network traffic, IDS/IPS, firewall and system logs, OSINT) to identify threats, resolve impact, and recommend mitigations.
• Demonstrated ability to make key decisions to navigate cyber or security events and take a course of action based on the assessment of the current scenario or situation.
• Ability to perform quick identification of impacts to the enterprise from various data sources and recommend appropriate countermeasures and mitigations.
• Solid understanding of Windows/Linux environments (2-3 years Administration/DEVOps), networking concepts/protocols, architecture, and system/application hardening.
• Clear written and verbal English communication, including executive-ready updates; strong documentation habits.
• Good interpersonal skills and collaboration abilities with strong team-orientation.
• Ability to mentor junior analysts; comfortable working across time zones.
• Strong dedication to data protection and discretion, following privacy & confidentiality policies.
• An ability to learn and apply new technologies quickly.
• Minimal 2-year technical degree with 5+ years of relevant experience in Information Security, or bachelor’s degree (Computer Science, Cybersecurity, Information Technology, or Computer Engineering).
• Minimum 5 years' experience in incident response (CERT/SOC/CSIRT - Manager, Technical Lead, or Forensics Analyst).

Nice To Haves

• Knowledge or usage of tools such as Splunk, Python, PowerShell, DB query language / tools or others used in offensive and defensive security is a plus.

Responsibilities

• Prevent: Know the latest evolving threats and security technologies; assess and contextualize risk; share findings with technical partners and the global CERT network.
• Detect: Triage alerts, ascertain severity, and provide mentorship during high-severity events; participate in shared on-call coverage (including weekends/holidays).
• Lead business-as-usual and complex incidents, including intrusions, malware, and ransomware, from start to end.
• Coordinate containment, eradication, and recovery across global teams.
• Maintain clear communication with collaborators while protecting privacy and confidentiality.
• Lead all aspects of global security incidents from 10 am – 7 pm EST/EDT, Weekdays.
• Provide weekend and holiday coverage shared globally by CERT teams (one analyst per zone for a weekend).
• Be available 24/7 to participate in emergency actions for critical severity events if needed.

Benefits

• Personalized development plans
• Mentorship
• Cross-functional opportunities
• Unique career paths and opportunities for advancement
• Diverse, supportive environment where competencies, contributions and behaviors are recognized
• Option to join one of our Connected Communities
• Work on projects that matter—from sustainable materials to digital transformation
• Part of a company that does what's right
• Use sustainable business practices while balancing the needs of customers and communities
• Equal employment opportunities
• Reasonable accommodations to employees and applicants with disabilities and for sincerely held religious beliefs