Cencora
Principal Threat Hunter, Cyber Security (remote)
Cencora, Washington, District of Columbia, us, 20022
Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
The
Principal Threat Hunter
is a technical leader in the Cencora Security Operations Center who applies their knowledge of adversarial tactics and techniques and their experience with security controls, infrastructure, and networking to proactively investigate potential cyber threats. They will use their findings to improve detection, response, and security controls. PRIMARY DUTIES AND RESPONSIBILITIES: Conduct threat hunting to identify, classify, prioritize, and report on cyber threats following industry best practices. Conduct research on emerging security threats; Provide correlation and trending of cyber incident activity. Craft methodologies for monitoring, detection, and analytics for SIEM and other platforms. Provide security gap analysis and effectiveness assessments of security platform technologies such as SIEM, SOAR, XDR, EDR. Formulate methodologies to monitor for as well as respond to security-related events. Identify and correlate with other data sources to enhance security event detection, monitoring, and response capabilities. Oversee the response to information security incidents, investigation, countermeasures, and recovery. Analyze security incidents for further enhancement of alerting schema. Provide security briefings to advise on critical issues that may affect the enterprise. SKILLS & EXPERIENCE: Exceptional written and verbal communication skills with the ability to clearly convey highly complex technical topics and findings to others. Expert level understanding of security controls including system-level controls, network controls, and security operations, across Endpoint, Cloud, SaaS, and Identity. Advanced knowledge of Endpoint Detection and Response (EDR) capabilities and multiple EDR products. Foundational knowledge of Digital Forensics and Incident Response (DFIR) processes. Experience creating SIEM correlation logic, performing data analysis, managing data intake, and conducting security threat analytics on real-time and historical log data. Ability to create processes around analyzing and investigating alerts and threats for anomalous, suspicious, or malicious activity. Ability to create processes and methodologies to support proactively hunting for potential cyber threats. Knowledge of regular expressions and at least one common scripting language (Python, Powershell, etc). Experience mentoring others as they advance their technical skills. Ten (10) or more years of working in the cybersecurity industry (Enterprise level). Eight (8) or more years of directly-related or relevant experience, preferably in information security. Bachelor's Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience. Preferred Certifications: Azure Security Engineer Certification Certified Cloud Security Professional (CCSP) Certification in Information Security Strategy Management (CISM) Certified Information Systems Security Professional (CISSP) CompTIA Security + Certification Systems Security Certified Practitioner (SSCP) Behavioral Skills: Conflict Resolution Creativity & Innovation Decision Making Assertiveness Influencing Skills Planning Presentation Skills Risk-taking Technical Skills: Threat Hunting Network Solutions and Systems Cybersecurity Root Cause Analysis Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI) Advanced Encryption Application Architecture Identity and Access Management IT Risk Management Tools Knowledge: Microsoft Office Suite Programming and Development Languages - JavaScript, HTML/CSS, Python, SQL Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, VPN IDS/IPS, AV, proxies, etc. What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit
Cencora Virtual Fair . Salary Range*
$121,000 - 186,230 *This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont/Minnesota/Massachusetts/Illinois State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range. Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law. The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory. Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email
hrsc@cencora.com . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned. Affiliated Companies:
Affiliated Companies: AmerisourceBergen Services Corporation
#J-18808-Ljbffr
The
Principal Threat Hunter
is a technical leader in the Cencora Security Operations Center who applies their knowledge of adversarial tactics and techniques and their experience with security controls, infrastructure, and networking to proactively investigate potential cyber threats. They will use their findings to improve detection, response, and security controls. PRIMARY DUTIES AND RESPONSIBILITIES: Conduct threat hunting to identify, classify, prioritize, and report on cyber threats following industry best practices. Conduct research on emerging security threats; Provide correlation and trending of cyber incident activity. Craft methodologies for monitoring, detection, and analytics for SIEM and other platforms. Provide security gap analysis and effectiveness assessments of security platform technologies such as SIEM, SOAR, XDR, EDR. Formulate methodologies to monitor for as well as respond to security-related events. Identify and correlate with other data sources to enhance security event detection, monitoring, and response capabilities. Oversee the response to information security incidents, investigation, countermeasures, and recovery. Analyze security incidents for further enhancement of alerting schema. Provide security briefings to advise on critical issues that may affect the enterprise. SKILLS & EXPERIENCE: Exceptional written and verbal communication skills with the ability to clearly convey highly complex technical topics and findings to others. Expert level understanding of security controls including system-level controls, network controls, and security operations, across Endpoint, Cloud, SaaS, and Identity. Advanced knowledge of Endpoint Detection and Response (EDR) capabilities and multiple EDR products. Foundational knowledge of Digital Forensics and Incident Response (DFIR) processes. Experience creating SIEM correlation logic, performing data analysis, managing data intake, and conducting security threat analytics on real-time and historical log data. Ability to create processes around analyzing and investigating alerts and threats for anomalous, suspicious, or malicious activity. Ability to create processes and methodologies to support proactively hunting for potential cyber threats. Knowledge of regular expressions and at least one common scripting language (Python, Powershell, etc). Experience mentoring others as they advance their technical skills. Ten (10) or more years of working in the cybersecurity industry (Enterprise level). Eight (8) or more years of directly-related or relevant experience, preferably in information security. Bachelor's Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience. Preferred Certifications: Azure Security Engineer Certification Certified Cloud Security Professional (CCSP) Certification in Information Security Strategy Management (CISM) Certified Information Systems Security Professional (CISSP) CompTIA Security + Certification Systems Security Certified Practitioner (SSCP) Behavioral Skills: Conflict Resolution Creativity & Innovation Decision Making Assertiveness Influencing Skills Planning Presentation Skills Risk-taking Technical Skills: Threat Hunting Network Solutions and Systems Cybersecurity Root Cause Analysis Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI) Advanced Encryption Application Architecture Identity and Access Management IT Risk Management Tools Knowledge: Microsoft Office Suite Programming and Development Languages - JavaScript, HTML/CSS, Python, SQL Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, VPN IDS/IPS, AV, proxies, etc. What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit
Cencora Virtual Fair . Salary Range*
$121,000 - 186,230 *This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont/Minnesota/Massachusetts/Illinois State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range. Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law. The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory. Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email
hrsc@cencora.com . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned. Affiliated Companies:
Affiliated Companies: AmerisourceBergen Services Corporation
#J-18808-Ljbffr