Associate Director, Product Cybersecurity Incident Response and Detection
Company: Carrier
Location: Atlanta
Posted on: January 27, 2023
Job Description:
Date Posted: 2022-12-22-08:00
Country: United States of America
Location: CAG23: DLS VRF- Atlanta 3300 Riverwood Pkwy, Atlanta, GA, 30339 USA

Carrier is the leading global provider of
healthy, safe and sustainable building and cold chain solutions
with a world-class, diverse workforce with business segments
covering HVAC, refrigeration, and fire and security. We make modern
life possible by delivering safer, smarter and more sustainable
services that make a difference to people and our planet while
revolutionizing industry trends. This is why we come to work every
day. Join us and we can make a difference together.

About this role

As the leader of product cybersecurity incident response and
detection within Carrier and its businesses, you will be
coordinating with stakeholders to drive communication and
remediation of critical security vulnerabilities. Global Product
Cybersecurity is looking for a lead analyst to own the data
collection and processing needed to better understand threat actors'
motives, targets, and attack behaviors currently affecting the
buildings space. This intelligence gathering will help us prevent,
mitigate, and remediate potential software, firmware, or hardware
vulnerabilities. In turn, it will allow the incident response
function to identify, analyze, and respond to potential security
incidents more efficiently and effectively.

Key Responsibilities
- Assist in investigations, security incidents, vulnerability
findings, and recommendations for product related incidents
- Provide project-level support to operations teams, including
incident response perspectives and subject matter expertise
- Incident response lead for high severity product cybersecurity
incidents
- Coordinate appropriate activities across product and security
teams, including stakeholders to remediate potential threats
- Conduct research and analysis to provide timely and actionable
intelligence to business stakeholders
- Understand advanced malicious cyber actors, activities,
techniques, geography, and impact
- Champion security awareness for all emerging threats in the
product cybersecurity landscape
- Analysis, isolation, and reverse engineering of potential
vulnerabilities and exploits in both hardware and software
applications
- Work closely with Computer Security Incident Response Team
(CSIRT) and Product teams to ensure proper handling of
incidents
- Form functional groups with stakeholders to scope, analyze, and
define actions and timelines for security incidents
- Develop playbooks to improve incident response activity and
drive information sharing across teams
- Effectively adapting and organizing work according to business
priorities and the product's vulnerability severity
- Intelligence reports, briefings, findings, and threat
assessments
- Attention to detail, presentation skills, excellent
communication both orally and written, and ability to work well
with others
- Passion for finding, understanding, and mitigating cyber
threats
- Develop proof-of-concepts of exploitations or modifications
based on identified vulnerabilities
- Supports all phases of the secure engineering, support, and
development lifecycles in collaboration with multifunctional
leaders, stakeholders, contributors, and businesses
- Provides timely and expert support to resolve difficult
problems and issues
- Provides cybersecurity thought leadership, advisement,
mentorship, training, and engagement
- Supports ad hoc initiatives within the
cybersecurity-engineering domain, as needed
- Provides critical support as required for all major Product
Cybersecurity missions, including Secure Development, Operations,
Commercialization, and Innovation
- Positions Carrier in a world class position within the Product
Cybersecurity domain
- Produces meaningful metrics to detail current level of
support
- Serving as incident commander in driving the overall response
to a cyber incident and coordinating efforts of multiple corporate
teams
- Developing and presenting clear business recommendations to
continue overall improvement
- Providing quality control and oversight for reports,
presentations, and brief-outs
- Ensuring the fusion of threat intelligence drives the
prioritization of detection and response efforts
- Plan, document, and execute emulation of adversary operations,
then feed findings back into preventative and detective security
controls as well as response procedures.
- Partner with the Cyber Fusion Center team and conduct
independent research into threat actor tactics, techniques,
procedures in specific applicable domains
- Identify and implement necessary tooling and infrastructure to
support and evolve the program.
- Development of Key Performance Indicators (KPIs) to drive
program focus and growth.
- Knowledge of industry practices for responsible disclosure of
security threats and product vulnerabilities.
- Engage directly with researchers, partners, and internal
support teams to drive issues to long-term resolution.
- Extensive understanding of triaging and assessing risks
associated with cybersecurity vulnerabilities (CVSS, CWE, OWASP Top
10)

Required Qualifications
- 5+ years of experience in 1 or more cybersecurity
domain(s):
  - Incident Response
  - Threat Intelligence
  - Product Cybersecurity Development
  - Risk Management

Preferred Qualifications
- Bachelor's degree in Computer Science, Software Engineering, or
equivalent Engineering degree
- Master's degree or PhD in computer science, software
engineering, or equivalent
- Experience and understanding of Agile software development
practices
- Experience in security certifications or accreditations such as
SOC2, ISO 27001, FedRAMP, etc.
- Experience in the building technologies domain, especially
HVAC, Refrigeration, Fire, Physical Security, Video Surveillance
and/or related services
- Certifications demonstrating deep practical knowledge such as
CSSLP, CISSP, CCSP, CCSK, AWS Solutions Architect Professional, et
al.
- Exceptional cross-functional and multi-domain technical
aptitude
- Diverse technical domain experience (ex., Embedded, Enterprise,
Mobile, Cloud, etc.)
- Excellent communication, mentorship, change management and
leadership skills
- Exceptional interpersonal skills with the ability to
effectively support diverse groups, help negotiate priorities, and
resolve conflicts among project stakeholders
- Project leadership, research and/or publication experience
- Demonstrated experience and a solid track record of working with
cross-functional, engineering, business, and executive leadership,
handling complex challenges, and delivering results
- Leadership and adaptability when facing unique challenges
encountered to effectively work with individuals in diverse
cultures and business environments.
- Demonstrated team leadership ability
- Strong work ethic and a proactive mindset with ability to think
outside of the box to solve problems.
- Proven ability to work independently and in a multi-tasking
environment with strong analytical and conflict resolution
skills.
- Strong written and oral communication skills.
- Strong meeting organization and facilitation skills.
- Proven experience in writing, designing, and delivering cyber
related content
- Track record of managing work to achieve milestones on time and
within budget in a fast-paced environment.
- Experience investigating and acting on high-impact threats and
online threat actors
- Experience thinking like the adversary and anticipating
threat actors' moves
- Experience thinking critically and qualifying assessments with
solid communication skills
- Extensive experience with common threat intelligence tools
- Highly familiar with one or more of the following:
  - Classical threat intelligence (IOCs, hunting, reporting,
  visualization)
  - Interdisciplinary research of threat actors and groups
  - Malware research
  - Incident response and digital forensics

#LI-RemoteRSRCAR

Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified
applicants will receive consideration for employment without regard
to race, color, religion, sex, sexual orientation, gender identity,
national origin, disability or veteran status, age or any other
federally protected class.

Job Applicant's Privacy Notice: Click on this link
(https://www.corporate.carrier.com/legal/privacy-notice-job-applicant/)
to read the Job Applicant's Privacy Notice.

COVID-19 vaccines are
required for all newly hired Carrier U.S. Salaried employees,
except as prohibited by law. Candidates residing in or for
positions located in any of the following jurisdictions are not
subject to this requirement: Alabama, Arkansas, Florida, Kansas,
Indiana, Iowa, Mississippi, Montana, Nebraska, North Dakota,
Tennessee, Texas, Utah, and West Virginia.

If you have questions
about applicability of this requirement to you, please contact
Global People Services at: +1-833-819-1257