Analysis Skills, Applications Security, Audiovisual, Blueprints, Computer Security, Diversity, Documentation, Event Correlation, Incident Response, Information/Data Security (InfoSec), Internet Security, Interoperability, Intrusion Detection Systems, Intrusion Detection and Prevention (IDP), Intrusion Prevention Systems, Knowledge Base, Network Administration/Management, Network Performance/Analysis, Network Security, Operational Audit, Problem Solving Skills, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Monitoring, Time Management, Virtual Machine (VM), Vulnerability Scanners
Job Summary:
This position sits within the Vulnerability and Threat Management program at Sysco where you’ll use defensive measures and information collected from a variety of sources to identify, analyze, and report cybersecurity events that occur or might occur within the Sysco network to protect information, resources, and networks from threats.
Duties and Responsibilities:
- Receive, characterize, and analyze endpoint and network alerts from various sources within the enterprise and determine possible causes of such alerts to identify anomalous activity and potential threats to network resources and users
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Serve as an escalation point for SOC Analysts, providing support and guidance, and work and track security incidents through final resolution
- Create and maintain incident response processes, procedures and blueprints. Document and maintain a knowledge base of incident methodologies and plans
Education Required:
Education Preferred:
- Security+, CEH, OSCP/OSCE, CISSP, CISA, or GIAC
Experience Required:
- Minimum 7 years in IT, 5 years in Incident Response
Experience Preferred:
- 10 years in IT, minimum 7 years in Incident Response
Licenses/Certification Required:
- Security+, CEH, OSCP/OSCE, CISSP, CISA, or GIAC
Skills and Abilities:
- 5+ years of cybersecurity incident response experience with excellent background in networking and security to include intrusion detection/prevention
- Excellent knowledge of security applications such as IDS, IPS, EDR, SIEM, next-gen AV and anomaly detection tools
- Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
- Excellent knowledge of the 6 phases of a cyber incident response plan
- Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
- Ability to configure and conduct vulnerability scans using VM tools such as Tenable.io and Tanium
Physical Demands:
- Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of this job.
Work Environment:
- Hybrid 3-4 Days in Office
Sysco
Sysco is the global leader in selling, marketing and distributing food products to restaurants, healthcare and educational facilities, lodging establishments and other customers who prepare meals away from home. Its family of products also includes equipment and supplies for the foodservice and hospitality industries. With more than 72,000 colleagues, the company operates 334 distribution facilities worldwide and serves approximately 725,000 customer locations. For fiscal year 2023 that ended July 1, 2023, the company generated sales of more than $76 billion. Information about our Sustainability program, including Sysco’s 2023 Sustainability Report and 2023 Diversity, Equity & Inclusion Report, can be found at www.sysco.com.
10,000 employees or more
https://careers.sysco.com/