This is whereyour work makes a difference.

At Baxter we believe every personregardless of who they are or where they are fromdeserves a chance to live a healthy life. It was our founding belief in 1931 and continues to be our guiding principle. We are redefining healthcare delivery to make a greater impact today tomorrow and beyond.

Our Baxter colleagues are united by our Mission to Save and Sustain Lives. Together our community is driven by a culture of courage trust and collaboration. Every individual is empowered to take ownership and make a meaningful impact. We strive for efficient and effective operations and we hold each other accountable for delivering exceptional results.

Here you will find more than just a jobyou will find purpose and pride.

Job Overview

Sr Manager Cyber Incident Response is a senior technical leader and team lead responsible for directing the Incident Response teams day-to-day incident response operations. This is a hands-on leadership roleoverseeing complex investigations performing deep technical analysis guiding containment and remediation efforts and ensuring the timely resolution of cybersecurity incidents.

The Sr Manager will manage lead and maintain a team of incident responders and forensics analysts act as the escalation point for critical events and serve as the technical bridge between analysts detection engineering threat intelligence and the Associate Director of Incident Response. This is a leadership position that also manages shift coverage and incident triage to maintain 24x7 operational readiness coordinating schedules and workload with peers in other Baxter SOC locations to ensure seamless global coverage.

What youll be doing

• Lead the detection analysis containment and recovery phases for high-severity security incidents.
• Serve as the highest technical escalation point for the IR team providing advanced troubleshooting forensics and malware analysis. - Provide hands-on guidance in the use of SIEM SOAR EDR (Etc) platforms.
• Active involvement in major investigationsreviewing artifacts logs and alerts to validate findings. Coordinate incident response efforts within IR and other IT teams to ensure efficient resolution.
• Perform and guide log analysis packet captures endpoint forensic imaging and reverse engineering where needed.
• Partner with Threat Intelligence and tools teams to integrate real-time threat data into IR processes.
• Review and tune detection rules SIEM queries and automated response workflows to improve signal-to-noise ratio.

Leadership

• Manage develop and assist with recruitment of high skilled team of Analysts.
• Manage shift coverage and triage to maintain 24x7 operational readiness coordinating schedules and workload with peers in other SOC locations to ensure seamless global coverage.
• Continually improve detection capabilities through (example) post-incident root cause analysis metrics reviews cross-IR team reviews etc. Additionally create and refine incident playbooks and runbooks to ensure consistency and speed in response.
• Conduct regular tabletop and live-fire exercises with the team.
• Provide technical incident summaries to the Associate Director of IR and relevant stakeholders.

What youll bring

• Bachelors degree in Cybersecurity Computer Science or related field (equivalent experience accepted).
• 14 years in cybersecurity with at least 3 years focused on incident response and digital forensics.
• Demonstrated ability to lead investigations and investigative teams in a high-pressure 24/7 operational environment.
• Proficient in incident triage log analysis and endpoint/network forensics.
• Strong experience with SIEM (Splunk Sentinel QRadar etc.) SOAR platforms and EDR tools (CrowdStrike Defender for Endpoint Carbon Black etc.).
• Familiarity with malware reverse engineering and memory analysis tools.
• Solid understanding of attack frameworks (MITRE ATT&CK Cyber Kill Chain) and response frameworks (NIST 800-61 ISO 27035).
• Soft Skills
• Strong communicator able to distill technical findings for both technical and non-technical audiences.
• Skilled at leading teams during high-pressure security incidents.
• Analytical and detail-oriented with strong problem-solving skills.

Equal Employment Opportunity

Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race color religion gender national origin age sexual orientation gender identity or expression protected veteran status disability/handicap status or any other legally protected characteristic.

Reasonable Accommodations

Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If because of a medical condition or disability you need a reasonable accommodation for any part of the application or interview process please click on the link here and let us know the nature of your request along with your contact information.

Recruitment Fraud Notice

Baxter has discovered incidents of employment scams where fraudulent parties pose as Baxter employees recruiters or other agents and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself review our Recruitment Fraud Notice.