Information Security Incident Response Analyst (Hybrid)
We are the makers of possible
BD is one of the largest global medical technology companies in the world. Advancing the world of health™ is our Purpose, and it’s no small feat. It takes the imagination and passion of all of us—from design and engineering to the manufacturing and marketing of our billions of MedTech products per year—to look at the impossible and find transformative solutions that turn dreams into possibilities.
We believe that the human element, across our global teams, is what allows us to continually evolve. Join us and discover an environment in which you’ll be supported to learn, grow and become your best self. Become a maker of possible with us.
Job Summary:
The role of a BD Incident Response analyst is to maintain the confidentiality, integrity, and availability of BD’s systems by preparing for and minimizing cyber security incident-based losses, theft of information, or disruption of services that could result in serious loss of information assets, revenue, public confidence, reputation, or market share.
Job Responsibilities:(Primary Duties, Roles, and/or Authorities)
Coordinate with multi-functional teams to ensure timely and effective incident response, following BD’s internal policies and procedures
Serve as liaison between technical teams and the business, ensuring clear and concise communication with management teams
Declare security incidents, assign severity based on business impact, and lead investigation
Reverse engineer a series of events from correlating multiple log sources
Establish timelines of events and root cause analysis for incidents
Independently prescribe thorough and comprehensive containment and remediation plans to mitigate the impact from security incidents
Identify trends in security incidents and events and propose proactive solutions
Identify, develop and implement automation to optimize processes
Develop and operationalize process documentation including playbooks and work instructions
Provide oversight and support to MSSP (Managed Security Services Provider) incident response resources
Document/Log all Incident details, allocating categorization and prioritization codes
Keep both internal and external partners informed about incident status at agreed intervals
Develop, participate in, and/or conduct tabletop exercises
Demonstrate security knowledge by keeping current on threats, trends, tools, etc
Development and execution of incident communications for both internal and external audiences, where required
Lead and participate in after-hours incidents when required, including international hours and on-call rotation
Education and Experience:
Education:
A minimum of a bachelor’s degree is required. Ideal candidate will have a degree in cybersecurity, business, crisis management, communication, project coordination, computer science, or other technical discipline
Preferred certifications or the ability to acquire, such as GCIH, CISSP, CCSP, or other certifications recognized in the industry.
Experience:
A minimum of 3 years of experience in incident response and the proven ability to operate cross functionally to execute business wide initiatives is preferred
Preferred 3-5 years of experience in general cybersecurity roles, including but not limited to: risk management or assessment, incident response, security engineering, security operations, vulnerability management, threat intelligence, or identity and access management
Preferred 1-2 years of experience in working with and providing oversight and support to an MSSP (Managed Security Services Provider)
Knowledge and Skills:
Non-technical or soft skills:
Excellent verbal and written communications skills, project management and the ability to communicate well with non-technical audiences.
High motivation, with dynamic and customer-centric skills and the ability to thrive in a challenging and changing high-pressure environment
Proficient understanding and applicability of:
NIST Cybersecurity framework
FDA cybersecurity guidance
MITRE ATT&CK framework
Lockheed Martin Cyber Kill Chain
Effective meeting management and group facilitation skills
The ability to think both strategically and tactically
Able to work autonomously while maintaining a high level of accuracy and attention to detail
Ability to take initiative and make critical decisions independently during incident investigations
Technical:
Proficient skills with technology such as:
SIEM (Security Information and Event Management)
XDR/EDR (Extended Detection and Response / Endpoint Detection and Response)
IDS/IPS (Intrusion Detection System / Intrusion Prevention System)
SOAR (Security Orchestration, Automation, and Response)
other similar security controls
Familiarity with scripting languages such as Python, PowerShell, Bash, or other
Work Environment: (if applicable)
The ability to travel up to 10% annually
At BD, we prioritize on-site collaboration because we believe it fosters creativity, innovation, and effective problem-solving, which are essential in the fast-paced healthcare industry. For most roles, we require a minimum of 4 days of in-office presence per week to maintain our culture of excellence and ensure smooth operations, while also recognizing the importance of flexibility and work-life balance. Remote or field-based positions will have different workplace arrangements which will be indicated in the job posting.
For certain roles at BD, employment is contingent upon the Company’s receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, testing for COVID-19 may be available and/or required. Consistent with BD’s Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law.
Why Join Us?
A career at BD means being part of a team that values your opinions and contributions and that encourages you to bring your authentic self to work. It’s also a place where we help each other be great, we do what’s right, we hold each other accountable, and learn and improve every day.
To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of health. At BD, you’ll discover a culture in which you can learn, grow, and thrive. And find satisfaction in doing your part to make the world a better place.
To learn more about BD visit https://bd.com/careers
Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.
#earlycareer
Required Skills
Collaboration, Communication, Cybersecurity, Cyber Threat Hunting, Endpoint Detection and Response (EDR), Event Management, Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Microsoft PowerShell, Remediation, Root Cause Analysis (RCA)Optional Skills
.
