Senior Cyber Security Incident Responder

Job Location MANILA NET PARK OFFICE Job Description Information Technology (IT) at Procter & Gamble is where business, innovation and technology integrate to create a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT mastery to deliver game-changing, technology-driven business models and capabilities for our 65 iconic, trusted brands. From Day 1, you’ll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place. You’ll be doing meaningful work that takes your career places you never imagined. And you’ll do this in creative workspaces where new ideas flourish and where your technical mastery is recognized and rewarded. The Opportunity Procter & Gamble is seeking a highly skilled Senior Cyber Security Incident Responder who can leverage technology, develop, and improve our processes and empower organizations that will enable us to respond to any cybersecurity threats quickly and effectively in the P&G environment. Join a team of professionals motivated by groundbreaking technologies and innovations, serving as a catalyst for change, and identifying and aligning solutions to strengthening P&G's cyber security. You will report to the Cyber Defense Response Services Director based in Cincinnati, United States which is world HQ of P&G. We are proud to be a highly diverse and technically-adept team with members from different countries, cultures and backgrounds. Your success will be based on operational and project work, which would be reviewed on a quarterly basis. Your manager would provide full-support though continuous mentoring and coaching. Position Responsibilities Lead the analysis, triage, containment, and remediation of serious and major security incidents following the P&G’s cyber security incident response plan. Perform deep dive investigations from start to finish of a security incident using data from disparate sources such as SIEM, internal and external threat intelligence, and host and network-based security tools. Provide expert support to our stakeholders specially the information security leaders from different organization units to resolve cyber security incidents. Collect intrusion artifacts and perform forensically sound collection of images in aid of investigating and resolving cyber security incidents. Perform introspection of incidents to document, publish and share after-action learnings, improve awareness, and strengthen our security posture to prevent similar security incidents from recurring. Be the escalation point for complex incidents that SOC L1 and L2 analysts are unable to resolve independently. Help in the continuous development, drive awareness of and improve the Cyber Security Response processes and procedures, ensuring timely and effective response to detected cybersecurity incidents. Assist in evaluating SOC’s performance by completing quality reviews on a quarterly basis. Perform basic forensics investigation and fulfill eDiscovery requests in aid of a cybersecurity, legal or HR investigation Use proven industry methods to preserve, collect, analyze and present digital evidences derived from different sources (e.g. end user devices, network, cloud, etc) to reconstruct events that led to incidents Adhere to chain of custody rules for digital evidences, providing them in acceptable formats for legal proceedings Assist the P&G Incident Response Team in investigating and resolving security incidents. Continuously improve and mature our Digital Forensics processes Effectively communicate technical information to non-technical audiences and influence others to comply with policies and conform to standards and best practices. The Ideal Candidate Is passionate about designing and managing scalable data applications Can work independently and as a team to resolve incidents and develop solutions for the future Has the ability to work cross-functionally across different organizations and geographical locations. Is detail-oriented and analytical in nature, with strong problem-solving skills Has the ability to operate effectively and calmly in high stress situations Possesses strong leadership skills with the ability to communicate effectively with key customers including Senior Management. Articulates security events in a concise and understandable manner. Job Qualifications Required: Bachelor’s degree or above, majored in software engineering, computer science, information technology, cybersecurity, or related area. At least 5 years of experience related to Digital Forensics and Incident Response (DFIR) or Security Operations Center (SOC). Intermediate/advanced knowledge of different Cybersecurity tools including but not limited to EDR, SIEM, Network proxies and firewalls and Security Orchestration, Automation and Response (SOAR). Experience with forensics tooling (Axiom, Encase, Wireshark, Cellebrite etc) Strong scripting skills (Powershell, Python, Bash, etc) Strong expertise with Windows and Linux/Unix system administration. Solid understanding of major cloud services provider – AWS, Azure and GCP. Having foundational certifications from these CSPs will be an advantage. Preferred: Has intermediate/advanced and industry recognized certifications such as GCIH, CISSP, GCIH. Awareness of the cyber security/privacy incident disclosure requirements of different geographies About Us We produce globally recognized brands and we grow the best business leaders in the industry. With a portfolio of trusted brands as diverse as ours, it is paramount our leaders are able to lead with courage the vast array of brands, categories and functions. We serve consumers around the world with one of the strongest portfolios of trusted, quality, leadership brands, including Always, Ariel, Gillette, Head & Shoulders, Herbal Essences, Oral-B, Pampers, Pantene, Tampax and more. We are an equal opportunity employer and value diversity at our company. We do not discriminate against individuals on the basis of race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, HIV/AIDS status, or any other legally protected factor. #J-18808-Ljbffr