Columbia Sportswear Company

Incident Responder II (Incident Response)

Bangalore, Karnataka, India | Full time

ABOUT THE POSITION

Although we're an apparel and footwear-focused company, technology is central to everything we do. Columbia Sportswear’s Digital Technology (CDT) group enables the IT infrastructure and applications across four global brands, a global supply chain, and 500+ geographically dispersed stores. These teams support in-store, mobile, and data platforms to enhance customer interface and service in an ever-evolving industry.

The Cybersecurity Engineer II designs, develops, implements and troubleshoots various information systems and cyber security software. This role manages the vulnerability lifecycle including detection, prioritization, and validation in accordance with CSC standards. The Cybersecurity Engineer II coordinates detection and response of cyber events and incidents. This person manages global information security tools and programs to support cybersecurity defenses.

HOW YOU’LL MAKE A DIFFERENCE

  • Detect, contain, and recover from security incidents
  • Utilize and maintain global cybersecurity incident response technologies, runbooks, and procedures
  • Continuously monitor the global cybersecurity threat landscape for emerging attack vectors, develop treatment plans, and partner with multiple teams to effectively mitigate the identified threats
  • Collaborate with business and technical teams to ensure the secure and appropriate use of technology services and applications
  • Manage global Information Security tools and programs (e.g., endpoint security, log correlation (SIEM), etc.)

YOU ARE

  • A collaborative teammate who can work independently when needed, and who is eager to learn, share knowledge, and grow alongside the incident response team.
  • A clear communicator with excellent written and verbal skills who is able to explain findings in a straightforward, business-aware manner.
  • Curious and improvement-minded, with a willingness to help identify opportunities to strengthen our people, processes and technology.
  • Detail-oriented, with experience in creating and maintaining runbooks, workflows and standard procedures to improve consistency and quality across the team.
  • Automation-minded, with an interest in learning how SIEM and SOAR systems work to help drive efficiencies in automated detection and alerting.

YOU HAVE

  • Education and Certifications: Bachelor’s degree, applicable certification or equivalent experience. Certifications such as CompTIA Security+ and CompTIA CySA+ are preferred for foundational knowledge.
  • Experience: 2 – 4 years’ professional experience specifically in incident response or SOC analyst roles with proven ability to work within a dynamic environment. You have played supporting roles in enterprise-wide, multi-system incidents, and security investigations.
  • Incident response program familiarity: Exposure to incident handling concepts and the lifecycle of detection, analysis, containment and recovery. Experience supporting runbook execution or contributing to incident documentation is a plus.
  • Technical proficiency: Hands-on experience with security stack components (SIEM, SOAR, EDR, SWG, SEG, DSPM, DLP) where you understand detection and alert logic and are eager to learn how to improve detections and reduce false positives.
  • Foundational knowledge of industry and regulatory security standards and frameworks (e.g., NIST CSF, ISO 27001, SOX, PCI/DSS, GLBA, GDPR, and CCPA) with a desire to deepen knowledge as you grow in the role.

#Hybrid

This job description is not meant to be an all-inclusive list of duties and responsibilities, but constitutes a general definition of the position's scope and function in the company.