Digital Forensic & Incident Response Lead Engineer (hybrid)

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

As a highly skilled Digital Forensic & Incident Response Lead Engineer, you will be a key member of the Cencora Global Security Operations Center. You will contribute thought leadership and expertise to grow our digital forensics incident response program. You will work closely with team members to perform threat detection and incident response, providing expert guidance to junior analysts and other teams.

The ideal candidate will have extensive experience in digital and network forensics, incident response, and cybersecurity operations in large, international organizations. Must be comfortable leading investigations and forensic examinations, including evidence acquisition from cloud, on-premise, and remote systems, while maintaining chain of custody and adhering to rules of evidence.

This position offers hybrid work options in Carrollton, TX.

1. Manage case load and assist with forensic analysis and reporting.
2. Manage evidence intake, outtake, and storage.
3. Use advanced network traffic analysis to identify compromised systems and resource anomalies.
4. Lead cyber incident response engagements.
5. Serve as backup to the Regional Security Operations Manager.
6. Support colleagues with complex event and incident analysis.
7. Collaborate with various security teams to enhance security posture.
8. Oversee staff development to ensure forensic procedures follow best practices.
9. Conduct root cause analysis of incidents.
10. Deliver reports as needed.
11. Participate in on-call rotations and incident response exercises.
12. Conduct training sessions on new technologies.
13. Develop and review runbooks and SOPs.

• BA/BS degree preferred or equivalent experience.
• Six or more years in cybersecurity, digital forensics, and incident response.
• Experience with Axiom, FTK, SIFT, Volatility, Timeline analysis.
• Leadership experience preferred.
• Strong knowledge of Windows, Active Directory, MS-SQL, Azure, Linux/Unix, Mac, AWS.
• Understanding of networking and packet analysis.
• Experience with SIEM, EDR, email security gateways, SOAR, firewalls, antivirus, web gateways, DNS.
• Experience handling high-priority cyber incidents.
• Knowledge of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.).
• Scripting skills in Python, PowerShell, Bash, etc.
• Excellent communication skills.
• DFIR certifications such as GCFE, GCFA, GNFA, CFCE.

We provide comprehensive benefits supporting physical, emotional, financial, and social wellness, including family support, health coverage, training, and development programs. For more details, visit https://www.virtualfairhub.com/cencora.

Cencora is committed to equal opportunity employment and provides accommodations for individuals with disabilities. To request accommodations, contact 888.692.2272 or hrsc@cencora.com.