The Cyber Security Triage Incident Response Analyst position is responsible for detecting and assessing cyber security threats and incidents across the PepsiCo’s environment. The Cyber Security Triage Incident Response Analyst works among a team of skilled analysts in the Cyber Fusion Center (CFC) to address complex or difficult problems as needed within the Incident Response environment.
- Monitors SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises
- Responsible for understanding the global threat landscape by working with cyber threat intelligence (CTI) team
- Escalates cyber security events according to runbooks and standard operation procedures (SOPs)
- Acts as a participant during Cyber Hunt activities at the direction of one or more Incident Response Analysts Documenting event analysis and writing comprehensive reports of incident investigations
- Proactively provide feedback on SOC operational processes and procedures
- Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
- Proactive monitoring of internal and external-facing environment using specialized security applications
- Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
- Participate in after hours on-call rotation when required
Qualifications / Requirements:
- 5+ years of overall IT professional experience
- 3+ Experience working in a corporate SOC environment
- Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
- Experience with enterprise SIEM (Splunk) or Incident Management systems
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation in a fast-paced environment
- Excellent written and oral communication skills
- Experience with network monitoring in a SOC environment
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests
- Previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.
- Competence in using both internal and external ticketing systems for ITIL-based incident, problem and change management.
Nice to have:
- Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security
- BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
- Security certifications (e.g. Security+, Network+, GCIA, GCIH, CISSP, CEH, etc.)
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an equal opportunity employer Minorities/Females/People with Disabilities/Protected Veterans/Sexual Orientation/Gender Identity.