Incident Responder II (Incident Response)

ABOUT THE POSITION

Although were an apparel and footwear-focused company technology is central to everything we do. Columbia Sportswears Digital Technology (CDT) group enables an IT infrastructure and applications across four global brands a global supply chain and 500 geographically dispersed stores. These teams support in-store mobile and data platforms to enhance customer interface and service in an ever-evolving industry.

The Cybersecurity Engineer II designs develops implements and troubleshoots various information systems and cyber security software. This role manages the vulnerability lifecycle including detection prioritization and validation in accordance with CSC standards. The Cybersecurity Engineer II coordinates detection and response of cyber events and incidents. This person manages global information security tools and programs to support cybersecurity defenses.

HOW YOULL MAKE A DIFFERENCE

• Detect contain and recover from security incidents
• Utilize and maintain global cybersecurity incident response technologies runbooks and procedures
• Continuously monitors global cyber security threat landscape for emerging attack vectors develops treatment plans and partners with multiple teams to effectively mitigate the identified threats
• Collaborates with business and technical teams to ensure the secure and appropriate use of technology services and applications
• Manage global Information Security tools and programs (e.g. endpoint security log correlation (SIEM) etc.)

YOU ARE

• A collaborative teammate who can work independently when needed and who is eager to learn share knowledge and grow alongside the incident response team.
• A clear communicator with excellent written and verbal skills and are able explain findings in a straightforward business-aware manner
• Curious and improvement minded with willingness to help identify opportunities to strengthen our people processes and technology.
• Detail oriented with experience in creating and maintaining runbooks workflows and standard procedures to improve consistency and quality across the team.
• Automation-minded with interest in learning how SIEM and SOAR systems work to help drive efficiencies in automated detection and alerting

YOU HAVE

• Education and Certifications: Bachelors degree applicable certification or equivalent experience. Certifications such as CompTIA Security and CompTIA CySA are preferred for foundational knowledge.
• Experience: 2 4 years professional experience specifically in incident response or SOC analyst roles with proven ability to work within a dynamic environment. You have played supporting roles in enterprise-wide multi-system incidents and security investigations.
• Incident response program familiarity: Exposure to incident handling concepts and the lifecycle of detection analysis containment and recovery. Experience supporting runbook execution or contributing to incident documentation is a plus.
• Technical proficiency: Hands on experience with security stack components (SIEM SOAR EDR SWG SEG DSPM DLP) where you understand detection and alert logic and are eager to learn how to improve detections and reduce false positives.
• Foundational knowledge of industry and regulatory security standards and frameworks (e.g. NIST CSF ISO 27001 SOX PCI/DSS GLBA GDPR and CCPA) with a desire to deepen knowledge as you grow in the role.

#LI-SA1
#Hybrid

This job description is not meant to be an all-inclusive list of duties and responsibilities but constitutes a general definition of the positions scope and function in the company.