Digital Forensic Incident Response Lead Engineer hybrid

Job Location

Carrollton - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Details

As a highly skilled Digital Forensic & Incident Response Lead Engineer, you will be in a foundational role in the Cencora Global Security Operations Center. You will contribute thought leadership and expertise to the continued growth of our digital forensics and incident response program. You will work closely with other team members to perform threat detection and incident response while providing expert-level guidance to junior analysts and other teams within the organization.

The ideal candidate will have extensive experience in digital and network forensics, incident response, and cybersecurity operations in large international organizations. Must be comfortable leading internal investigations and forensic examination, including evidence acquisition from cloud, on-premise, and remote systems, while ensuring chain of custody is maintained and that applicable rules of evidence are adhered to.

This position offers hybrid work options in Carrollton, TX.

PRIMARY DUTIES AND RESPONSIBILITIES:

  • Manage overall case load and assist with forensic analysis and reporting of case workload when .

  • Manage evidence Intake/Outtake and Evidence Storage.

  • Use advanced network traffic analysis techniques to identify compromised systems, negate denial of service attacks, and pinpoint resource anomalies.

  • Leads cyber incident response engagements as a senior incident response leader.

  • Serves as a backup to the Continuous Security Operations Regional Manager.

  • Support Continuous Security Operations colleagues with complex and comprehensive event and incident analysis.

  • Collaborates with Cyber Engineering, Vulnerability Management, Threat Intelligence, Attack Surface Reduction, Data Protection, and Enterprise IT to elevate Cencora's security posture to the next level of maturity.

  • Oversee development of staff to ensure digital forensics procedures are conducted in accordance with policy and best practices.

  • Effectively investigate and conduct root cause analysis, identifying indicators of attack or compromise and attack vectors.

  • Deliver verbal and written reports as needed.

  • Participates in on-call rotation (including weekends) to ensure continuous operations.

  • Participates in internal incident response exercises and drills.

  • Conducts knowledge transfer training sessions to Security Operations team upon technology implementation.

  • Develops, reviews, follows, and implements new runbooks and standard operating procedures.

  • BA/BS degree highly desired but flexible with experience

  • Six (6) or more years of combined security work experience across Cyber Security, Digital Forensics, and Incident Response.

  • Strong experience with Axiom, FTK, SIFT, Volatility, and Timeline analysis.

  • Two (2) years of experience in a lead role (highly desired)

  • Strong knowledge of Microsoft Windows, Active Directory, MSSQL, Azure, etc.

  • Strong knowledge of Linux/Unix, Mac, and AWS.

  • Understand networking, packet captures, and NetFlow.

  • Hands-on experience in the following tool categories: SIEM, EDR, email security gateway, SOAR, firewall, antivirus, secure web gateway, DNS

  • Practical experience handling sophisticated and high-priority cyber incidents

  • Deep understanding of cyber security industry frameworks, e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Kill Chain, etc.

  • Experience in Python, PowerShell, Bash, or any other scripting languages.

  • Excellent written communication skills with a focus on translating technically complex issues into simple, easy-to-understand concepts in English.

  • Must have DFIR-related certification such as GCFE, GCFA, GNFA, CFCE, etc.

  • Preferred certifications include MCCE, MCFE, GCFR.

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details visit time

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or membership in any other class protected by federal, state, or local law.

The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited, and all matters related to recruiting, training, compensation, benefits, promotions, and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned.

Affiliated Companies

Affiliated Companies: AmerisourceBergen Services Corporation

Employment Type

Full-Time
