Cyber Security Incident Response Analyst (Forensics)

CHEP helps move more goods to more people, in more places than any other organization on earth via our 347 million pallets, crates and containers. We employ approximately 13,000 people and operate in 60 countries. Through our pioneering and sustainable share-and-reuse business model, the world’s biggest brands trust us to help them transport their goods more efficiently, safely and with less environmental impact.

What does that mean for you? You’ll join an international organization big enough to take you anywhere, and small enough to get you there sooner. You’ll help change how goods get to market and contribute to global sustainability. You’ll be empowered to bring your authentic self to work and be surrounded by diverse and driven professionals. And you can maximize your work-life balance and flexibility through our Hybrid Work Model .

Position Purpose

This position reports to the SOC Manager, Cyber Security Operations and is responsible for ensuring that the response to Cyber Security events and incidents are timely, appropriate, thorough, and meet the highest security standards.

This will be achieved through 2 main factors:

1. Lead their region coverage to respond to, investigate, resolve/isolate, and support remediation for Brambles SOC, driving the accuracy, timeliness and quality of detection and response measures, including reviewing and refining playbook documentation, SLA measurement and ad-hoc deep-dives of incident enrichment.
2. Lead the ad-hoc investigations related to misuse, inappropriate access, or similar cases where deep-dive, forensic type assessments are required in order to review available datasources and produce a final report of activity. For example, e-mails sent, websites visited, files shared etc.

This role is key in supporting Brambles Cyber Security threat analysis and incident response program, and is responsible for ensuring that security events are effectively analyzed and appropriate response measures are taken in support of the corporate Cyber program.

Major / Key Accountabilities

• Serve as the primary escalation point for L3 security incidents from the SOC, ensuring thorough review, escalation, and resolution processes.
• Lead the identification, triage, and remediation of security incidents, driving efforts to reduce Time-to-Fix through process improvements, telemetry tuning, and automation.
• Provide thought leadership for incident response, forensic analysis, including evidence capture, chain of custody, and reporting.
• Actively participate in the Security Incident Response Team (SIRT) to manage the full lifecycle of security incidents: identification, containment, eradication, and resolution.
• Review and analyze logs, alerts, and telemetry from security tools and IT systems to identify, investigate, and respond to threats.
• Perform advanced threat hunting and real-time incident handling, collecting and analyzing evidence (e.g., digital media, logs, malware) to contain malicious activity.
• Develop and refine incident response content, processes, workflows, and detection methods to enhance monitoring and response capabilities.
• Utilize OSINT, Threat Intelligence, and enrichment resources to analyze and mitigate threats while creating high-fidelity detection content.
• Facilitate global support by addressing requests from business contacts across time zones.
• Stay updated on cybersecurity trends, threat vectors, and vulnerabilities to recommend and implement enhancements for enterprise security and "defense in depth" strategies.

Experience

• Experience – 4 years in IT security related roles; 1-2 years of Incident Response experience.
• Strong understanding of forensic data capture and case handling techniques.
• Familiarity with system monitoring, assessment and reporting tools (e.g. SIEM).
• Experience with security tools (IDS, firewalls, anti-virus, data loss prevention, etc.)
• Proficient in email filtering, URL filtering, anti-virus, IDS, vulnerability scanning, 2-factor authentication, access control systems, SIEM, and VMware products.
• Experience with core IT systems, including Windows, VMware, Cisco, UNIX, and Linux environments. Preferred experience in the Supply Chain or Manufacturing environment.
• Preferred experience in cloud environments.
• Preferred understanding of active OT and IoT Security defence techniques and tooling.
• Preferred proficiency in network security and monitoring tools.
• Experience working with security governance frameworks (NIST, ISO27001, COBIT).
• Preferred knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection.

Skills and Knowledge

• Ability to develop and maintain working relationships in a global environment.
• Excellent analytical and problem-solving skills.
• Outstanding verbal and written communications skills with all levels of management, staff, and vendors.
• Escalates potential risk and internal control weaknesses to management.
• Detail-oriented with a focus on quality, consistently seeking improvement and monitoring work for accuracy.
• Self-motivated with the ability to work independently, prioritize tasks, and manage time effectively.
• Must be able to maintain confidentiality.
• Must be able to demonstrate and promote a positive team environment.
• Capable of staying composed and meeting goals in dynamic or time-sensitive situations.
• Must possess the ability to manage conflict and/or direct change, delays, or unexpected events appropriately.
• Must be available to work outside of normal working hours or on-call as needed.

As an inclusive employer, Brambles wants to see every candidate performing at their best throughout the job application process, interview process and whilst at work. We therefore encourage you to inform your Talent Acquisition Partner of any reasonable adjustments you might need to enable this to happen.

Hybrid Remote

Active Learning, Adaptability, Cross-Functional Work, Curiosity, Digital Literacy, Emotional Intelligence, Empathy, Initiative, Problem Solving

We are an Equal Opportunity Employer, and we are committed to developing a diverse workforce in which everyone is treated fairly, with respect, and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state, or local protected class.

Individuals fraudulently misrepresenting themselves as Brambles or CHEP representatives have scheduled interviews and offered fraudulent employment opportunities with the intent to commit identity theft or solicit money. Brambles and CHEP never conduct interviews via online chat or request money as a term of employment. If you have a question as to the legitimacy of an interview or job offer, please contact us at recruitment@brambles.com.