Pay for this role starts at $110,600 and can go up from there based on background and qualifications. Additionally, you will be eligible for a meaningful performance-based bonus each year.
Yum! Brands has a new opportunity for a dynamic, high-performing technical contributor for the Incident Response team. This role will allow a successful candidate to influence our business at a global level. This role will work collaboratively with our three iconic Brands on the forensic and investigation components of the incident response program. Notably, you will have the opportunity to learn our business from the ground up while working on cutting-edge technologies.
- Perform in-depth analysis and forensics, analyze incident data, recommend solutions, coordinate response activities, and prepare reports for management.
- Plan, coordinate, and direct forensic activities, including expert examinations, reporting of results, and research that involve all aspects of digital evidence.
- Perform research into emerging threat sources and develop threat profiles.
- Direct team investigation priorities and act as investigative SME for incidents.
- Work with stakeholders during incidents to mitigate the event and improve the security posture to reduce the likelihood of an incident occurring.
- Participate in IR training sessions and exercises.
- Collect, preserve, and interpret electronic evidence related to incident investigations.
- Perform forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
- Perform real-time threat hunting (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks.
- Identify problems, perform root cause analysis, investigate information, conduct impact analysis, and formulate and execute plans to develop solutions.
- Work closely with the SOC to include idea generation for new content rules for security alerting and reduction of false positives.
- Act as backup for the Incident Response Manager.
- Plan, implement, and/or maintain security measures for corporate applications.
- Investigate phishing and self-identified potential cyber threats.
- Evaluate applications to ensure that information assets are handled per Security policies.
- Develop threat models and recommend mitigations and countermeasures to address threats for corporate applications.
- Perform audit and security compliance checks, including penetration testing, vulnerability scans, and other configuration analysis for corporate applications.
KNOWLEDGE AND SKILL REQUIRED:
- Bachelor’s degree or equivalent in an area of study relevant to this position
- CERT Certified Computer Security Incident Handler
- ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
EXPERIENCE (and other qualifications):
- 5+ years of experience in incident detection and response, malware analysis, or cyber forensics.
- Knowledge of forensic technology and maintaining a forensics lab.
- Detailed knowledge of National Institute of Standards and Technology (NIST).
- Excellent analytical, critical thinking, prioritization, and problem-solving skills.
- Excellent presentation, verbal and written communication skills. Ability to communicate well with both technical and non-technical professionals.
- Ability to work effectively and manage partnerships with all areas and members of the business as well as influence Senior Executives.
- Ability to work effectively in a fast-paced, frequently changing environment.