Digital Forensic & Incident Response Lead Engineer (hybrid)

Digital Forensic & Incident Response Lead Engineer (hybrid) page is loaded

Apply locations Dallas, TX Carrollton, TX time type Full time posted on Posted 4 Days Ago time left to apply End Date: June 30, 2025 (20 days left to apply) job requisition id R255741

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

As a highly skilled Digital Forensic & Incident Response Lead Engineer, you will be in a foundational role in the Cencora Global Security Operations Center. You will contribute thought leadership and expertise to the continued growth of our digital forensics incident response program. You will work closely with other team members to perform threat detection and incident response while providing provide expert-level guidance to junior analysts and other teams within the organization.

The ideal candidate will have extensive experience in digital and network forensics, incident response, and cybersecurity operations in large, international organizations . Must be comfortable leading internal investigations and forensic examination including evidence acquisition from cloud, on-premise , and remote systems while ensuring chain of custody is maintained and that applicable rules of evidence are adhered to.

This position offers hybrid work options in Carrollton, TX

PRIMARY DUTIES AND RESPONSIBILITIES:

• Manage overall case load and assist with forensic analysis and reporting of case workload when required .

• Manage evidence Intake/Outtake and Evidence Storage.

• Use advanced network traffic analysis techniques to identify compromised systems, negate denial of service attacks, and pinpoint resource anomalies.

• Leads cyber incident response engagements as a senior incident response leader .

• Serves as a backup to the Continuous Security Operations Regional Manager .

• Support Continuous Security Operations colleagues with complex and comprehensive event and incident analysis .

• Collaborates with Cyber Engineering, Vulnerability Management, Threat Intelligence, Attack Surface Reduction, Data Protection and Enterprise IT to elevate Cencora’s security posture to next level of maturity .

• Oversee development of staff to ensure digital forensics procedures are conducted in accordance with policy and best practices.

• Effectively investigative and conduct root cause analysis, identifying indicators of attack or compromise, attack vectors.

• Deliver verbal and written reports as needed.

• Participates in on-call rotation (including weekends) to ensure continuous operations.

• Participates in internal incident response exercises and drills.

• Conducts knowledge transfer training sessions to Security Operations team upon technology implementation.

• Develops, reviews, follows, and implements new runbooks and standard operating procedures .

• BA/BS degree highly desired but flexible with experience

• Six (6) or more years of combined security work experience across Cyber Security, Digital Forensics, and Incident Response.

• Strong experience with Axiom, FTK, SIFT, Volatility, and Timeline analysis.

• Two (2) years of experience in a lead role (highly desired)

• Strong knowledge of Microsoft Windows, Active Directory, MS-SQL, Azure, etc.

• Strong knowledge of Linux/Unix, Mac and AW S .

• Understand networking, packet captures and NetFlow .

• Hands-on experience and the following tool categories: SIEM, EDR, e mail s ecurity g ateway, SOAR, Firewall, Anti-virus , s ecu re web gateway, DNS

• Practical experience handling sophisticated and high-priority cyber incidents

• Deep understanding of cyber security industry frameworks ( e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Killschain , etc.)

• Experience in Python, PowerShell, Bash or any other scripting languages .

• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English .

• Must have DFIR related certification such as GCFE, GCFA, GNFA, CFCE, etc.

• Preferred certifications include MCCE, MCFE, GCFR .

#LI-MD1

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora

Full time

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Affiliated Companies: AmerisourceBergen Services Corporation

Cencora is a leading global pharmaceutical solutions company that is committed to improving the lives of people and animals everywhere. We connect manufacturers, providers, and patients to ensure that anyone can get the therapies they need, where and when they need them.

We’re a purpose-driven organization, where all of our team members around the world are united in our responsibility to create healthier futures. We work together every day to help our partners bring their innovations to patients worldwide, creating unparalleled access and impact at the center of health.

Recruitment scams are on the rise and the intent is to target individuals looking for employment opportunities. To protect yourself, we urge you to be vigilant and follow these guidelines.

1.) Research the Company: Thoroughly research any company before applying or sharing personal information, check their website, read reviews, and verify their legitimacy.

2.) Be Wary of Unrealistic Promises: Exercise caution If a job posting offers high salaries and minimal qualifications. Legitimate jobs will have realistic expectations and provide detailed job requirements. Jobs at Cencora can be found on Cencora.com/careers

3.) Guard Your Personal Information: Only share sensitive information after vetting the employer’s credibility. Avoid sharing your Social Security number, bank account details, or identification documents during the application process. Cencora does not request this information as part of the employment application.

4.) Avoid Upfront Payments: Legitimate employers do not require payment during the hiring process. Be suspicious if you are asked to pay for training materials, processing fees, or background checks before securing a job offer. Cencora will never ask you for payment information during the hiring or onboarding process.

5.) Verify Communication Channels: Scammers often use free email services or chat platforms without providing an official company contact information. Cencora recruiters will have an email address ending in @cencora.com, @alliance-healthcare.net, @alliance-healthcare.co.uk, alliance-healthcare.fr or alliance-healthcare.ro

Remember to stay vigilant and informed about common scam tactics to reduce the risk of falling victim to fraudulent employment schemes.