The Cybersecurity Incident Response Analyst is responsible for the response to security incidents, threats and vulnerabilities. Within the Global Threat Management & Response organization, this role requires the ability to analyze event logs, computer artifacts, and other data sources to contain and resolve incidents or events, provide recommendations for remediation and determine the root cause.
- Identify, respond to, and mitigate sophisticated threats to PepsiCo computer networks
- Conduct incident response activities, including advanced investigation (forensic, malware analyses, root cause analysis etc.) to investigate potential intrusions and develop remediation guidance
- Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
- Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
- Coordinate and drive efforts among multiple business units during response activities and post-mortem
- Proactively monitor the internal and external-facing environment using specialized security applications
- Provide timely, comprehensive and accurate information to the Incident Response Manager in both written and verbal communications
- Develop the requisite expertise, knowledge, and ability to perform independently through mentorship; mentor and share expertise with junior staff
- Proactively research and monitor security-related information sources to aid in the identification of threats to PepsiCo's networks, systems and intellectual property
- Lead and mentor other staff members on incident response, analysis and tools
- Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
- Participate in after-hours on-call rotation when required
- BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
- Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation in a fast-paced environment
- Excellent written and oral communication skills
- Experience with enterprise SIEM or Incident Management systems
- Experience with network monitoring in a SOC environment
- Experience working in a 24/7 SOC environment
- Security certifications (e.g. Security+, Network+, GCIA, GCIH, CISSP, CEH, etc.)
Not Eligible for Relocation
A little about us:
Our nation’s veterans bring unbeatable life experience, job skills and leadership to PepsiCo. Together We Win.