Cyber Security Incident Response Analyst Forensics

CHEP helps move more goods to more people in more places than any other organization on earth via our 347 million pallets crates and containers. We employ approximately 13000 people and operate in 60 countries. Through our pioneering and sustainable shareandreuse business model the worlds biggest brands trust us to help them transport their goods more efficiently safely and with less environmental impact.

What does that mean for you Youll join an international organization big enough to take you anywhere and small enough to get you there sooner. Youll help change how goods get to market and contribute to global sustainability. Youll be empowered to bring your authentic self to work and be surrounded by diverse and driven professionals. And you can maximize your worklife balance and flexibility through ourHybrid Work Model.

Position Purpose

This position reports to the SOC Manager Cyber Security Operations and is responsible for ensuring that the response to Cyber Security events and incidents are timely appropriate thorough and meet the highest security standards.

This will be achieved through 2 main factors:

1. Lead their region coverage to respond to investigate resolve/isolate and support remediation for Brambles SOC driving the accuracy timeliness and quality of detection and response measures including reviewing and refining playbook documentation SLA measurement and adhoc deepdives of incident enrichment.

2. Lead the adhoc investigations related to misuse inappropriate access or similar cases where deepdive forensic type assessments are required in order to review available datasources and produce a final report of activity. For example emails sent websites visited files shared etc.

This role is key in supporting Brambles Cyber Security threat analysis and incident response program and is responsible for ensuring that security events are effectively analyzed and appropriate response measures are taken in support of the corporate Cyber program

Major / Key Accountabilities

• Serve as the primary escalation point for L3 security incidents from the SOC ensuring thorough review escalation and resolution processes.
• Lead the identification triage and remediation of security incidents driving efforts to reduce TimetoFix through process improvements telemetry tuning and automation.
• Provide thought leadership for incident response forensic analysis including evidence capture chain of custody and reporting.
• Actively participate in the Security Incident Response Team (SIRT) to manage the full lifecycle of security incidents: identification containment eradication and resolution.
• Review and analyze logs alerts and telemetry from security tools and IT systems to identify investigate and respond to threats.
• Perform advanced threat hunting and realtime incident handling collecting and analyzing evidence (e.g. digital media logs malware) to contain malicious activity.
• Develop and refine incident response content processes workflows and detection methods to enhance monitoring and response capabilities.
• Utilize OSINT Threat Intelligence and enrichment resources to analyze and mitigate threats while creating highfidelity detection content.
• Facilitate global support by addressing requests from business contacts across time zones.
• Stay updated on cybersecurity trends threat vectors and vulnerabilities to recommend and implement enhancements for enterprise security and defense in depth strategies.

Experience

• Experience 4 years in IT security related roles; 12 years of Incident Response experience.
• Strong understanding of forensic data capture and case handling techniques.
• Familiarity with system monitoring assessment and reporting tools (e.g. SIEM).
• Experience with security tools (IDS firewalls antivirus data loss prevention etc.
• Proficient in email filtering URL filtering antivirus IDS vulnerability scanning 2factor authentication access control systems SIEM and VMware products.
• Experience with core IT systems including Windows VMware Cisco UNIX and Linux environments Preferred experience in the Supply Chain or Manufacturing environment.
• Preferred experience in cloud environments.
• Preferred understanding of active OT and IoT Security defence techniques and tooling.
• Preferred roficiency in network security and monitoring tools.
• Experience working with security governance frameworks (NIST ISO27001 COBIT).
• Preferred knowledge of Cloud Security Operations (SaaS PaaS IaaS) Mobile Architecture Network and Application Security and/or Data Protection.

Skills and Knowledge

• Ability to develop and maintain working relationships in a global environment.
• Excellent analytical and problemsolving skills.
• Outstanding verbal and written communications skills with all levels of management staff and vendors.
• Escalates potential risk and internal control weaknesses to management.
• Detailoriented with a focus on quality consistently seeking improvement and monitoring work for accuracy.
• Selfmotivated with the ability to work independently prioritize tasks and manage time effectively.
• Must be able to maintain confidentiality.
• Must be able to demonstrate and promote a positive team environment.
• Capable of staying composed and meeting goals in dynamic or timesensitive situations.
• Must possess the ability to manage conflict and/or direct change delays or unexpected events appropriately.
• Must be available to work outside of normal working hours or oncall as needed.

As an inclusive employer Brambles wants to see every candidate performing at their best throughout the job application process interview process and whilst at work. We therefore encourage you to inform your Talent Acquisition Partner of any reasonable adjustments you might need to enable this to happen.

We are an Equal Opportunity Employer and we are committed to developing a diverse workforce in which everyone is treated fairly with respect and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race color sex age national origin religion sexual orientation gender identity status as a veteran and basis of disability or any other federal state or local protected class.

Individuals fraudulently misrepresenting themselves as Brambles or CHEP representatives have scheduled interviews and offered fraudulent employment opportunities with the intent to commit identity theft or solicit money. Brambles and CHEP never conduct interviews via online chat or request money as a term of employment. If you have a question as to the legitimacy of an interview or job offer please contact us at