Security Operations Center Analyst III

SYSCO
Houston, Texas 77246 United States
Posted: Jun 19, 2026
  • Full Time
  • Federal Government
  • Summary

    Job Summary

    This position sits within the Vulnerability and Threat Management program at Sysco, where you'll use defensive measures and information collected from a variety of sources to identify, analyze, and report cybersecurity events that occur or might occur within the Sysco network to protect information, resources, and networks from threats.

    Duties and Responsibilities

    • Receive, characterize, and analyze endpoint and network alerts from various sources within the enterprise and determine possible causes of such alerts to identify anomalous activity and potential threats to network resources and users
    • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
    • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
    • Serve as an escalation point for SOC Analysts, providing support and guidance, and work and track security incidents through final resolution
    • Create and maintain incident response processes, procedures and blueprints
    • Document and maintain a knowledge base of incident methodologies and plans

    Education Required

    Security Certification

    Education Preferred

    Security+, CEH, OSCP/OSCE, CISSP, CISA, or GIAC

    Experience Required

    Minimum 7 years in IT, 5 years in Incident Response

    Experience Preferred

    10 years in IT, Minimum 7 years in Incident Response

    Licenses/Certification Required

    Security Certification

    Licenses/Certification Required

    Security+, CEH, OSCP/OSCE, CISSP, CISA, or GIAC

    Skills and Abilities

    • 5+ years of cybersecurity incident response experience with excellent background in networking and security, to include intrusion detection/prevention
    • Excellent knowledge of security applications such as IDS, IPS, EDR, SIEM, next-gen AV and anomaly detection tools
    • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
    • Excellent knowledge of the 6 phases of a cyber incident response plan
    • Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
    • Ability to configure and conduct vulnerability scans using VM tools such as Tenable.io and Tanium

    Physical Demands

    Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of this job.

    Work Environment

    Hybrid 3-4 Days in Office

    AFFIRMATIVE ACTION STATEMENT

    Applicants must be currently authorized to work in the United States. We are proud to be an Equal Opportunity and Affirmative Action employer, and consider qualified applicants without regard to race, color, creed, religion, ancestry, national origin, sex, sexual orientation, gender identity, age, disability, veteran status or any other protected factor under federal, state or local law. This opportunity is available through Sysco Corporation, its subsidiaries and affiliates.

  • ABOUT THE COMPANY

    • Government Careers

    Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

    Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

    Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Please mention you found this employment opportunity on the CareersInGovernment.com Job Board.