Sr. Incident Responder (Incident Response)

ABOUT THE POSITION

Although were an apparel and footwear-focused company technology is central to everything we do. Columbia Sportswears Digital Technology (CDT) group enables an IT infrastructure and applications across four global brands a global supply chain and 500 geographically dispersed stores. These teams support in-store mobile and data platforms to enhance customer interface and service in an ever-evolving industry.

The Sr. Cybersecurity Engineer designs develops implements and troubleshoots various information systems and cyber security software. This role manages the vulnerability lifecycle including detection prioritization and validation in accordance with CSC standards. The Sr. Cybersecurity Engineer coordinates detection and response of cyber events and incidents. This person manages global information security tools and programs to support cybersecurity defenses.

HOW YOULL MAKE A DIFFERENCE

• Detect contain and recover from security incidents
• Author and maintain global cybersecurity incident response technologies runbooks and procedures
• Continuously monitors global cyber security threat landscape for emerging attack vectors develops treatment plans and partners with multiple teams to effectively mitigate the identified threats
• Collaborates and coordinates with business and technical teams to ensure the secure and appropriate use of technology services and applications
• Manage global Information Security tools and programs (e.g. endpoint security log correlation (SIEM) etc.)
• Act as a technical resource for junior engineers to establish processes procedures best practices etc.

YOU ARE

• Able to work both individually and as part of a team and are committed to sharing knowledge and developing skills across the incident response team.
• An excellent written and verbal communicator with a high degree of business acumen and an enterprise mindset
• Able to establish success metrics identify program improvements and support initiatives impacting our people processes and technology.
• Creating and maintaining runbooks workflows and standardized procedures that improve consistency and quality across the team.
• An AutomationFirst Thinker where you will refine SIEM and SOAR systems to improve efficiency and enable more time for highvalue investigative work.

YOU HAVE

• Education and Certifications: Bachelors degree applicable certification or equivalent experience with CompTIA Security CompTIA CySA or equivalent certifications
• Experience: 5 8 years professional experience specifically in incident response roles with proven ability to work within a dynamic environment. You have played incident lead roles in enterprise-wide multi-system incidents and can confidently brief executive leadership during crises.
• Program Building: Demonstrated experience with running incidents as well as developing runbooks and incident response metrics to support the Incident Response program.
• Technical proficiency: Hands on experience with security stack components (SIEM SOAR EDR SWG SEG DSPM DLP) where you know how to tune tools to improve detection and alert accuracy.
• Framework knowledge: Proficiency with Cybersecurity Incident Response industry and regulatory standards and frameworks (e.g. NIST CSF SANS Cyber Kill Chain MITRE ATT&CK ISO 27001 SOX PCI/DSS GLBA GDPR and CCPA).

#LI-SA1
#Hybrid

This job description is not meant to be an all-inclusive list of duties and responsibilities but constitutes a general definition of the positions scope and function in the company.