Senior Cyber Defense Consultant

Location: Pittsburgh

Job Type: Full Time / Permanent

Our global Cyber Defense Team is looking for a Senior Cyber Defense Consultant to join a matrixed organization that has its leadership in Germany. The team is organized into different areas of responsibility (e.g., endpoint security, cloud security, monitoring systems) and each employee is independently responsible for the assigned sub-area. Team members are expected to collaborate and support each other’s areas and also assist in monitoring and responding to the security events generated by those systems. Position is based in US (Pittsburgh), but responsibilities are global and include collaboration with Europe/Asia. Overseas travel may be required.

Major Tasks and Responsibilities: Improves the capabilities of the Cyber Defense Team by increasing technical security depth of expertise, enabling enhanced security service offerings to stakeholder groups. Fluency in data analytic systems (like Elastic, Splunk) with ability to understand all the inputs/data sources on deep technical level. Analyze the performance of our security use cases (frequency and accuracy) and compare those to the response. Test the accuracy of the alarms; conduct long-term analysis of triggered alerts. Longitudinal and In-depth analysis of all security data Improve automation and response capabilities of SOC/CSIRT processes. Focus on exploration and implementation of AI for decision-making. Trains and onboards new employees to Cyber Defense in the NAFTA region. Manages security incidents. Acts as a trusted point of contact and expertise for incidents, and executes incident response activities including escalation to upper management. Provides technical analysis of security related incidents and recommends improvements as needed. Provides Compliance and Risk Management guidance and presentations to Corporate, Risk and internal Business groups as required to prove compliance to Chemical-sector laws and affiliate frameworks. Acts as program manager to engage system owners in supporting monitoring efforts, and coordinates activities across technical and non-technical teams throughout enterprise. Acts as a security consultant to help identify business needs and design appropriate security controls. Supports security awareness and education efforts. Value Added: Monitors the technical enterprise and manages response to security incidents. Contribution context: Cross IT Work stream integration for Cyber Security topics.

Basic Qualifications: Bachelor’s degree in Information Security or closely related discipline with 6+ years’ experience, or Master’s degree in related discipline with 4+ years’ experience 5 years of IT security experience in larger IT environments. 5 years hands on experience in SOC or CERT is mandatory, including at least 3 years as a senior analyst.

Preferred Qualifications: One relevant certificate (like Certified Incident Handler etc.) preferred.

Knowledge and Skills: Motivated and analytical self-starter who can manage projects, report and stay organized. Profound knowledge of security processes (vulnerability identification and remediation, anomaly detection, threat hunting), platforms (networking, firewalls, proxies, cloud and all kind of security analytic tools), risk categorization frameworks (NIST, ISO, IEC). Scripting experience (Python, PowerShell, regex etc.). Hands on experience in the creation of use cases for SIEM systems. Hands on experience in analyzing SIEM/EDR data sets. Experience with Data Analytics and Data Science methods highly appreciated. Experience working in a large international organization, and working effectively with individuals at all levels of the organization. Excellent communication skills, both written and verbal, to articulate concepts and ideas related to information security to non-technical audiences. Experience in working with non-IT professionals on Information Security topics. Experience leading a functional team of security or information technology professionals with both a physical and virtual presence. International travel required.