Incident Handler, Cybersecurity

Overview

The Incident Handler is responsible for the response to security incidents, threats, and vulnerabilities. Within the Cyber Fusion Center organization, this role requires the ability to fully engage in all phases of the incident lifecycle, including the skills to analyse event logs, computer artifacts, and other data sources to contain and resolve incidents or events, provide recommendations for remediation and determine the root cause.

• Identify, respond to, and mitigate sophisticated threats to Pepsi Co's computer networks
• Conduct incident response activities, including advanced investigation (forensic, malware analyses, server and network infrastructure, etc.) to investigate potential intrusions and develop remediation guidance
• Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize production downtime and risk exposure
• Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles.
• Coordinates and drives efforts among multiple business units during response activities and post mortem
• Proactive monitoring of client environments using specialized security applications
• Provide timely, comprehensive, and accurate information to Information Security leadership in both written and verbal communications
• Develop the requisite expertise, knowledge, and ability to perform independently
• Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
• Participation in after-hours on-call rotation when required
• Bring up innovative ideas, based on your own experience or information gathered from external communities, and actively participate in the Incident Response function’s growth
• Collaborate with CFC teams on project execution and Pepsi Co security improvements
• Support the production of detailed technical reports and presentations related to digital investigations
• Ensure team success through organizational, functional, and team alignment towards the team mission and objectives
• Maintain current knowledge and understanding of the threat landscape, emerging security threats and vulnerabilities
• Maintain a high level of confidentiality

• The expected compensation range for this position is between $80,200 - $134,250.
• Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process.
• Bonus based on performance and eligibility target payout is 8% of annual salary paid out annually.
• Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
• In addition to salary, Pepsi Co offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility:
  Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

• 3+ years of work experience in information security, especially in Information Operations/ incident role
• Bachelor's or master's degree in Information Technology or related discipline, with strong knowledge of Linux/UNIX, Windows OS & network technologies
• Relevant technical security certifications (GIAC, EC-Council, CompTIA, etc.)
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations, etc.
• Proven experience performing analysis of security events and incidents, to determine the root cause and provide resolution
• Hands-on digital forensic and/or malware analysis experience is a plus
• Working knowledge of at least three of the following security tools: host-based antivirus, anti spam gateway solutions, firewalls, IDS/IPS, SIEM, server and network device…