Incident Response Analyst
You are purpose driven. Growth minded. Ready to stretch your potential. That’s the spirit of the community you’ll find at Orbia: where the purpose to advance life around the world drives our global team of over 23,000 every single day.
From creating solutions to deliver clean water, secure food supplies and reliable information to steering material advances that power the future of green and smart cities, transportation, and healthcare, we never settle for “good enough” when there’s an opportunity to make life better. Where purpose comes to life, it changes lives. This is what we live for.
Orbia is hiring for an Incident Response Analyst to be based in the UK/EU working remotely.
Main Purpose
The role will work closely with counterparts in our Managed Security Service Provider to conduct in-depth investigations, contextualize incidents with Orbia-internal information, and drive containment and response actions with Orbia IT teams. The Incident Response Analyst will engage for the duration of a security incident, leveraging all available detection and response toolsuites, including SIEM, EDR, email security, DNS filtering, and network security appliances, to analyze malicious artifacts and assist with forensic investigations.
Main Responsibilities
- Provide technical contribution for the cyber threat detection and incident response program within Orbia.
- Analyze security incidents identified by our external service providers and contextualize with Orbia-internal information. Validate whether the incident is a true/false positive and provide feedback to drive service provider improvement.
- Support system owners with incident ticket resolution, including leading investigations, containment actions, and response/remediation steps.
- Assist with development of common runbooks for most frequent or critical incident types.
- Analyze root cause of recurring incidents and recommend and implement strategies to prevent reoccurrence in the future.
- Work with service providers on tuning false positives so as to ensure most effective use of Orbia’s resources.
- Interface with IT stakeholders in each of Orbia’s business groups and at the corporate level and serve as an escalation point to drive incident response and remediation.
- Liaise when necessary with external incident response providers to perform digital forensics, malware analysis, and recovery operations.
- Validate security control coverage against new or emerging cyber threats. Contribute to engineering initiatives to operationalize cyber threat intelligence sources within Orbia’s detection toolsuites.
- Collaborate with others within the cyber threat operations team, working closely with peers in vulnerability management, penetration testing and red/blue team exercises, and crisis command and resiliency.
- Consider and recommend new tools, processes, or strategies to enhance Orbia’s incident management workflow and increase efficiencies.
Qualifications
- Minimum: Bachelor’s degree or equivalent.
- Desirable: Master’s degree in Computer Science, Engineering or Business.
Knowledge/ Experience Required
- 2+ years of experience in one or more of the following areas: Information Security, Security Operations, Digital Forensics/Incident Response, Cyber Threat Hunting, or Cyber Threat Intelligence.
- 2+ years of experience working directly in a Security Operations Center would be desirable.
- Knowledge/experience with common threat detection tools, such as SIEM, EDR/XDR, IDS/IPS, and firewalls in a large enterprise environment.
- Knowledge/experience with other types of security operations tools, such as vulnerability scanners, PCAP tools, and malware sandbox/reverse engineering tools.
- Knowledge/experience with forensic investigations, malware analysis, and incident response.
- Deep technical experience with the incident management lifecycle and incident analysis techniques.
- Experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, and application security.
- Familiarity with relevant regulations, such as SOX, GDPR / data privacy, PCI-DSS, etc.
- Excellent analytical and problem-solving skills.
- Ability to build strong partnerships in a matrixed environment.
- Excellent verbal and written communication skills, including ability to translate complex technical subjects to non-technical audiences.
Behaviours that can help you succeed at Orbia:
- Develop yourself & Others
- Foster Collaboration & Inclusion
- Drive Results
- Provide Vision & Direction
We welcome purpose-driven dreamers, doers, and builders, recognizing that it takes difference to make a difference. If you’re ready to bring your skills, talents, and perspective to moving your career, the company, people, and the planet forward, we’d like to hear from you.
We believe that every voice matters; every community deserves respect; every challenge is an opportunity; and, united by empathy, we are stronger for our different perspectives. We are dedicated to building a more diverse, inclusive, and equitable workplace that supports the needs of all our employees regardless of their role, location, identity, and background.
WP, PL