Cyber Security Incident Response Engineer

Cyber Security Incident Response Engineer

The Cyber Security Incident Response Engineer is an individual contributor role. It will primarily consist of conducting incident response investigations on behalf of a wide variety of stakeholders. As the Incident Response Engineer, the individual must have a wide breath of knowledge across multiple IT and Information Security technologies. The individual must be able to independently lead information security investigations affecting Kimberly-Clark’s enterprise-wide computing environments and networks with minimum managerial assistance and communicate clearly and concisely with both technical staff and executive leadership. Excellent verbal and written communication skills are a must. The individual must be self-motivated and have the ability to recommend both tactical and strategic enterprise solutions to complex problems. The individual must also be a team player and be able to maneuver within the complexities associated with large fortune 100 companies such as changing policies, procedures and office politics. Attention to detail and investigative thoroughness are musts.

This role is viewed as an expert in complex security environments, encompassing both business process understanding and technical expertise. This individual directly interfaces with senior leadership and business units to communicate capabilities in business, non-technical terms. They will develop incident solutions and strategy for CS&A to deliver the business’ desired results. The engineer leads in developing innovative, technical solutions to important, highly complex strategic and operating problems, provides technical consulting on complex projects, and acts as a source of direction, training and guidance for other team members. This person is knowledgeable in industry best practices in their area of expertise and uses resources outside of KC to deliver solutions.

**Duties**:

- Independently plan, organize and devise approaches necessary to respond to incidents and obtain useful forensic information from the evidence submitted, taking into consideration the requirements by agency regulations, federal and state laws - and company policies as they apply.
- Working with the SOC (Security Operations Center) in the development and tuning of alerts and steps to take to investigate and resolve computer security incidents.
- Conduct incident and investigations post-mortem briefings, analysis, and reporting as required.
- Conduct forensic investigations including physical/logical disk and memory examinations.
- Provides technical guidance to investigations to correctly gather, analyze and present digital evidence to both business and legal audiences. Collates conclusions and recommendations and presents forensics findings to stakeholders.
- Contributes to the development of policies, standards and guidelines.
- Correlate threat intelligence with active attacks and vulnerabilities within the enterprise
- Monitor and analyze security events and identify trends, attacks, and potential threats.
- Research and stay current on the latest trends, best practices, and technology developments.
- Creating and tracking security investigations to resolution.
- Facilitate the integration of threat and data feeds for the purposes of incident response. Interface effectively in key relationships, including IT peers (e.g., Security Operations, IT Operations, Enterprise Architecture, etc.) internal business partners (e.g., Compliance/Privacy, Legal, Corporate Communications, etc.), key external clients (e.g., service providers, external partners, etc.) and other leaders and partners within IT and the broader enterprise.
**Required Qualifications**:

- Bachelor’s degree in IT/computer science or related discipline (note Master’s Degree preferred.
- Exceptional ability to remain calm under stress
Strong organizational, multi-tasking, and time-management skills
- Strong negotiation, influence, mediation & conflict management skills
- Expert understanding of operating systems (Windows, Linux, iOS/Android)
- Expert understanding of network architecture and security infrastructure placement
Travel is at a minimum. Since this is an enterprise position, some travel may be required.
- 7-10 years of demonstrated experience in Incident Response
**Preferred Qualifications**:

- Master’s Degree in computer security or related discipline
- Computer forensics experience strongly desired
- Security Designation(s): CERT-CSIH, CISSP.
- SANS GCFA-Forensic Analyst or GCFE- Forensic Examiner, GCIH-Incident Handler
- Exposure to security standards NIST Cyber Security Framework, NIST SP800-53, COBIT, ISO27001
Understanding of threat modeling concepts such as threat indicators, threats actors and vectors

Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 175 countries. Every day, 1.3 billion people - nearly a quarter of the world's population - trust K-C brands and the so