Sr. InfoSec Engineer Incident Response

Be a part of a revolutionary change - find your future in our future At PMI, we’ve chosen to do something incredible. We’re transforming our business and building our future with one clear purpose – to deliver a smoke-free future. We're disrupting our company from the inside out. Our transformation is redefining every area of our business. From where and how we make and sell our products—to how we engage our consumers and society. To support this vision, PMI is evolving into a science and technology-based, consumer-facing, multi-category company—and Information Technology (IT) is a vital partner in helping to lead the way. As we accelerate PMI's vision, we get to dream big too. With unique and transformative IT projects matching all levels of skill and ambition, we've taken on the spirit of a start-up, with the freedom to craft and define our digital future, but with the support and scope of a vast global business. YOUR DAY TO DAY As a Philip Morris Incident Response Consultant, you will work within established methodologies to perform a variety of Incident Response related activities. This will include emergency response to cyber incidents, proactively hunting for adversaries across the estate, designing and performing Table-Top Exercises. The Incident Response Consultant will also be responsible for leading and working on projects that will support tactical and strategic business objectives. Demonstration of leadership abilities, clear and concise communication with a variety of stakeholders, ability to lead during a crisis, personal agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success. When you work with us, you’ll be part of a global team of highly empowered Incident Response professionals who work as a collaborative team focused on helping the business be both better prepared to defend against adversaries, as well as responding to active incidents within our network. WHO WE’RE LOOKING FOR We are looking for a charismatic, articulate individual, and a born diplomat. You check your ego at the door and learn from others constantly, while also helping to educate those who aren’t as well versed as you are in technical or procedural topics. As a result, you have a track record of working tirelessly to help the business and your teammates and have even come up with some novel techniques in your time. · Respond to global cyber incidents caused by internal and external threats to our business, that may involve non-traditional working hours. · Must be willing to routinely travel with less than 24-hour notice (when international travel resumes) · Can clearly communicate the Incident Response Lifecycle and the Kill Chain (Attack) Life Cycle. · Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience. · Be able to scope an incident, gain consensus on objectives with our stakeholders, and lead a team of incident response consultants during an emergency engagement. · Specialize in host centric analysis utilizing a variety of forensic tools (e.g. SIFT, Volatility, Defender ATP, etc…) · Specialize in network forensic analysis with a strong understanding of network protocols · Adept at malware reverse engineering. · Good scripting capabilities. · Design, lead and participate in Table-Top Exercises with the business. · Proactively hunt for adversaries leveraging a variety of tools and techniques · Draft communications, assessments, and reports to include leadership and executive management · Understanding of different attacks and how best to design custom detection, containment, and remediation plans · Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties · Lead projects as directed · Be a champion for the process. Develop and document processes to ensure consistent and scalable response operations · Demonstrate industry leadership through blog posts and public speaking at conferences and events · Bachelors' Degree in Computer Science or a related technical degree; or, equivalent industry experience. · Minimum 5 years of experience in information security and 4 years of experience handling incidents · Must be willing to be on-call and work off-shift hours, to include nights, weekends, and holidays on rota with other team members Desired Characteristics: · Detailed understanding of current cyber security threats, attacks, and countermeasures. Such as Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics · Strong track record of understanding and interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities. IT Security Certifications · Industry certifications such as the CISSP, GCIH, GCFA, GREM, CREST CRIA, CHIA, CNIA WHY SHOULD YOU JOIN US? At PMI IT, we believe success to be fuelled by our employees, depended on them coming to work every single day with a sense of purpose and an appetite for challenge. We are a people first organisation committed to empowering you to take risks, grow and explore. Here’s what sets us apart: • We’re redefining the big picture of well-being and personal development. We seek the best professionals but recognize them as parents, caregivers, family, and community members. We look after each other and care for our people, so wherever you join us around the world, we’re committed to providing the type of benefits only a company like PMI can offer • Being the fastest learning IT organization in the world is core to our culture, so we invest significantly in developing our people. From mentoring to technical certifications, stretch roles, soft skills development, and executive education, we help our people develop the skills they need to do their best work and create their own unique impact. • At PMI IT, we believe diversity and inclusiveness are essential to every industry. We’re proud that our culture is built upon strong corporate values, a foundation of respect and belonging, and a commitment to diversity and inclusion that welcomes a variety of skill sets, backgrounds, and experiences. • We see digital technology as disruptive, and possibilities as endless. Our teams work with innovative technologies such as Cloud, APIs, IoT and AI, supported by management practices and principles such as Agile, Design Thinking, and Product Management. Every single IT member is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If our culture and mindset resonate with you, we look forward to receiving your application and getting to know you. Together, let’s deliver a smoke free future.