We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Lead Security Analyst - Incident Response

Campbell Soup Company
life insurance, paid time off, sick time, 401(k)
United States, New Jersey, Camden
1 Campbell Place (Show on map)
Nov 20, 2024

Since 1869 we've connected people through food they love. We're proud to be stewards of amazing brands that people trust. Our portfolio includes the iconic Campbell's brand, as well as Michael Angelo's, noosa, Pace, Pacific Foods, Prego, Rao's Homemade, Swanson, and V8. In our Snacks division, we have brands like Cape Cod, Goldfish, Kettle Brand, Lance, Late July, Pepperidge Farm, Snack Factory, and Snyder's of Hanover.

Here, you will make a difference every day. You will be supported to build a rewarding career with opportunities to grow, innovate and inspire. Make history with us.

Why Campbell's...

  • Benefits begin on day one and include medical, dental, short and long-term disability, AD&D, and life insurance (for individual, families, and domestic partners).
  • Employees are eligible for our matching 401(k) plan and can enroll on the first day of employment with immediate vesting.
  • Campbell's offers unlimited sick time along with paid time off and holiday pay.
  • If in WHQ - free access to the fitness center. Access to on-site day care (operated by Bright Horizons) and company store.
  • Giving back to the communities where our employees work and live is very important to Campbell's. Our "Campbell's Cares" program matches employee donations and/or volunteer activity up to $1,500 annually.
  • Campbell's has a variety of Employee Resource Groups (ERGs) to support employees.

Who we are looking for...

Campbell is seeking a Lead Security Analyst in the Greater Philadelphia/South Jersey region. As a key member of Campbell's Cybersecurity Incident Response Team this individual will be responsible for various parts of the incident response process -- detection, validation, containment, remediation, and communication -- for cybersecurity events and incidents such as malware infections, potential system compromises, Distributed Denial of Service (DDoS) attacks, and privacy breaches. This individual will be a key member on a team responsible for the rapid response and resolution of security incidents across the Campbell footprint including on-premises, the Cloud, and third-party hosted applications. This role involves working with internal and external teams to identify root cause, restore services and communicate status to affected stakeholders. In addition, the individual will be involved in activities to improve the security posture and incident response capabilities of the organization including process automation, purple team testing, metrics reporting and threat hunting.

This role will act as the escalation path for more junior staff to validate findings and identify scope of events and support during larger investigations. This individual will act as an internal resource while providing guidance to Incident Response Analysts and the third-party Security Operations Center.

What you will do...

Essential responsibilities will include but not be limited to:

50% -Incident Response

  • Perform cybersecurity incident response including security event analysis, incident handling, reporting, and threat analysis. The role involves coordination with Campbell's third-party Managed Security Services Provider (MSSP), internal information technology teams and other parties who may be engaged in the event of a cybersecurity event or incident.

  • Analyze and triage events, anomalies, and incidents to ensure appropriate identification of risk to company systems and information whether on premise, in the Cloud or managed by a third party.

  • Lead, oversee and participate in the forensic analysis of cybersecurity incidents.

  • Communicate and coordinate response efforts including working with the third-party MSSP, Information Technology teams, Business Leaders, Legal, Chief Security Officer and other Third Parties to mitigate the impact of a security or privacy breach.

  • Prepare situation reports, escalate to leadership, and perform root cause analysis.

  • Develop and report KPI's to enable continuous improvement of information security risk management controls.

25% - Assist with Strategy Development, Consulting and Management of Third-Party Security Operations Center and Threat Intelligence

  • Leverage lessons learned, threat modelling and emerging industry better practice, to analyze the effectiveness of the existing program (policies, technology, and awareness) to continuously improve the detection and response capabilities of the organization

  • Partner with Security Business Analysts, Security Architects to identify security logging and monitoring requirements for new initiatives especially those with privacy implications.

  • Review industry frameworks and best practice to advance the Company's controls in network/perimeter security, intrusion detection and response, content monitoring and filtering, vulnerability and patch management, managed threat detection and data loss prevention.

  • Partner with vendors and other third parties to improve product design and delivery capabilities.

  • Assist with management and review of third-party contracts for the security operations center and service levels. Identify potential gaps including procedures needed to mitigate risk.

15% - Enhance/Implement Capabilities to Strengthen Detection and Response Capabilities

  • Share lessons learned from incident response and threat hunting to strengthen detection and response capabilities.

  • Model insider and external threats to Campbell's systems and data.

  • Assess existing detection and response capabilities and provide recommendations for improvement.

  • Leverage security orchestration (SOAR) to automate security response procedures.

  • Maintain and enhance security monitoring and incident response procedural documentation.

  • Partner with the third-party MSSP to develop KPI's for management.

  • Validate the efficacy of security monitoring through attack simulation and purple team testing.

10% - Threat Hunting

  • Proactively seek to uncover indicators of compromise that will identify whether Campbell's systems have been breached.

  • Collect and aggregate information from a wide variety of sources and format them for relevance to Campbell's environment.

  • Create hypotheses for analytics and testing of threats relevant to Campbell.

  • Partner with the third-party MSSP, threat intelligence firms and other parties to identify threats that may impact Campbell.

What you bring to the table... (Must Have)

  • Bachelor's degree in a computer science or information technology discipline

  • 7-10+ years of relevant work experience

  • High level of technical expertise in information security, including deep familiarity with relevant penetration and intrusion techniques and attack vectors.

  • Cybersecurity in large complex companies including knowledge of global security and privacy breach laws and regulatory reporting.

  • Proven experience working with third party Security Operations Center (8 - 10 people globally) and forensics firms.

  • Demonstrated ability to lead and develop cohesive and collaborative management and operational teams internally and with a third party.

  • Proven experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.

  • Ability to demonstrate strong computer knowledge networks, desktops, servers, cloud, and software as a service technology.

  • Expertise with next generation firewalls (Fortinet/Cisco/Checkpoint), Endpoint Detection and Response, Microsoft Advanced Threat Protection and Office 365, Zero Day Threat Detection Technology, Threat Intelligence Feeds, Forensics, Data Loss Prevention Software, Web Proxies, Web Application Firewalls.

  • Strong problem-solving and trouble-shooting skills.

  • Strong communication skills including writing reports and presenting to senior executives.

  • Demonstrated connections to external Incident Response leaders and learning organizations.

If would be great if you have... (Nice to Have)

  • Working knowledge of python, PowerShell, and APIs, or willingness to attain significant proficiency with these capabilities.

More about the job...

  • This position reports to the Director of Cybersecurity Operations.

  • On-call work is required.

Compensation and Benefits:

The target base salary range for this full-time, salaried position is between

$124,300-$178,700

Individual base pay depends on work location and additional factors such as experience, job-related skills, and relevant education or training. Total pay may include other forms of compensation. In addition, we offer competitive health, dental, 401k and wellness benefits beginning on the first day of employment. Please ask your Talent Acquisition Partner for more information about our total rewards package.

The Company is committed to providing equal opportunity for employees and qualified applicants in all aspects of the employment relationship, including consideration for employment, without regard to race, color, sex, sexual orientation, gender identity, national origin, citizenship, marital status, protected veteran status, disability, age, religion, or any other classification protected by law.

Applied = 0

(web-69c66cf95d-dssp7)