Cyber Incident Responder
Provide cyber defense services through threat hunting, incident response, and security content development to help protect the Abbott enterprise which includes internal and external computing assets, data, customers and brand reputation.
Core Job Responsibilities
• Monitor and respond to cyber-based threats to Abbott and deploy countermeasures as needed.
• Use security technologies and tools, such as SIEM, IDS/IPS, endpoint detection and response (EDR), and Cyber Threat Intelligence (CTI) tools to protect the enterprise.
• Participate in threat hunting missions and remediate gaps that are identified.
• Contribute to the development of detections using MITRE ATT&CK and Cyber Kill chain frameworks.
• Automate manual tasks through technology integrations via scripting and orchestration of playbooks.
• Support the advancement of Abbott’s cyber threat intelligence and vulnerability management programs to ensure consistent detection, analysis, response, and monitoring of cybersecurity threats including actors, campaigns and vulnerabilities.
• Compose and deliver Situation Reports for key stakeholders.
• Participate in cross-team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects.
• Perform assessment of cybersecurity incidents to identify the root cause, respond, and recover the environment.
• Contribute to the development and refinement of metrics packages.
Qualifications:
• Be a team player committed to the mission and continuous development of the Cyber Threat Action Center, peers, and Abbott customers.
• 2+ years of experience working in the Information Technology field.
• 1+ years of experience directly related to the area of incident response, digital forensics, malware analysis, threat hunting, cyber threat intelligence, or content development/tuning.
• GIAC (GICSP, GRID, GCIH, GSEC, GCFA, GREM), OSCP or equivalent certifications preferred.
• Bachelor’s degree preferred but will consider applicable work experience as it translates to an equivalent degree.
• Experience with programming and scripting languages, preferably Python and PowerShell.
• Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.
• Be available for on-call duty to handle high-impact cybersecurity incidents.
• Be driven for personal development through security conferences, Capture the Flags (CTF), lab time and research.
The base pay for this position is
N/AIn specific locations, the pay range may vary from the range posted.