Senior Incident Response Analyst (remote) at Johnson Controls in Boca Raton, Florida

Job Description:

Johnson Controls is powered by your talent. We are the power behind the customer mission. Together we are building a world that’s safe, comfortable and sustainable. Our diverse global team creates innovative, integrated solutions to make cities more connected, buildings more intelligent and environments more comfortable and secure. We are all about improving outcomes for our partners. Tomorrow needs your talent. Tomorrow needs you. So let’s talk today.

Job Details

What you will do

The Johnson Controls Global Information Security (GIS) team is undergoing a transformation and expansion as Johnson Controls increases its cybersecurity resources and capabilities to address the ever-changing cybersecurity threat landscape.  The successful candidate will be a Cybersecurity subject matter expert capable of partnering across functional disciplines to bring clarity to measurements and trends within and affecting the Information Security Risk landscape.  This role reports to the Sr. Manager, Incident Response.  The candidate will be able to articulate thoughts clearly, plan initiatives, and execute with appropriate urgency. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven change agent.  

How you will do it

• Prepare documentation of runbooks, alert logic, policies, and procedures




• Monitor SIEM platform for security alerts that require escalation




• Provide guidance (related to IR triage) for Tier 1 SOC Analysts along with serving as an escalation point




• Review Splunk notables to ensure proper handling and escalation procedures were followed




• Perform reviews of SNOW tickets to ensure that adequate updates are provided




• Knowledge of Digital Forensics tools, data acquisition methods, and static/dynamic analysis methods is desired




• Ability to collect and analyze threat intelligence data to produce intelligence reports related to emerging threats




• At least 1 – 2 years of programming experience with Python or PowerShell




• Minimum of 3+ years performing security event monitoring, analysis, and basic triage




• General understanding of networking protocols, technologies, and topologies




• Competency working with a major SIEM platform




• Understanding of IDS/IPS technologies with an ability to write custom detection signatures




• Ability to conduct basic malware analysis techniques on malicious software




• Familiarity with at least one major cloud computing platform (i.e., AWS, Azure, or GCP)




• Knowledge of a major Operating System such as Windows, Linux/Unix, or Windows Server

What you will need
Required

• Advanced experience in threat detection and enterprise and cloud security




• Ability to recognize common attacker tools, tactics, and procedures




• Computer intrusion analysis and incident response, intrusion detection, computer network surveillance/monitoring 




• Strong knowledge or understanding of Incident Response and Security Operations Center activities




• The ability to communicate security concepts to both technical and non-technical audiences.




• Bachelor's degree in cybersecurity, computer science, information systems, or other technology-related field

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.