Cyber Incident Response Lead

Requisition ID: COM000710

Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its legacy for over a century. Merck’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.

Position Description Summary:
The Cyber Incident Response Lead provides oversight to Merck's Incident Response team. This cyber Incident Response Team responds to escalated alerts and performs alert monitoring during heavy volume events. This position conducts more in-depth analyses of security incidents with the specific ability to identify Indicators of Compromise, perform intrusion scope and root cause analyses and implement triaging protocols to mitigate potential damage to Merck's cyber ecosystem.

Key Responsibilities:
  • Leads the development and updating of team procedures and the configuration of tools for the Cyber Analysts' use
  • Escalates cyber security events according to Merck’s playbook and standard operating procedures (SOPs)
  • Performs additional analysis of escalations from Monitoring Analysts and conducts case reviews
  • Assists with containment of threats and remediation of environment during or after an incident
  • Escalates high or critical severity level incidents to Incident Investigators
  • Consumes threat intelligence and disseminates findings to relevant parties
  • Conducts hunting activities based on internal and external threat intelligence 
  • Performs triage of service requests from customers and internal teams
Qualifications

Education Minimum Requirement:
  • BA/BS in Engineering, Computer Science, or Information Security

Required Experience and Skills: 
  • 3+ years team leadership 
  • Experience using event escalation and reporting procedures
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
  • Understanding TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
  • Knowledge of how the Windows file system and registry function
  • Experience managing cases with enterprise SIEM systems 
  • Experience with network monitoring in a SOC environment
Preferred Experience and Skills:
  • Experience with Splunk, OSSEC and McAfee security products
  • Experience conducting forensic media analysis and log file analysis
  • Experience supporting incident investigations
  • Experience working in a 24/7 SOC environment
  • Security certifications (e.g. Security+, Network+, CEH, SANS etc.)
Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we’re inventing for life. 
If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected]

Search Firm Representatives Please Read Carefully: Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck. No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.

Visa sponsorship is not available for this position.

For more information about personal rights under Equal Employment Opportunity, visit: EEOC Poster, EEOC GINA Supplement

NSBE, SWE, NOBCCHE, AISES, NACME, SHPE, MOJO

Job: Compliance & Risk Management
Other Locations:
Employee Status: Regular
Travel: Yes, 5% of the time
Number of Openings: 1
Shift (if applicable): 1st
Hazardous Materials: No
Company Trade Name: Merck
Company: Merck
Posted: 09/15/2018
Type: Full time
Location: Branchburg, NJ, US