Senior Cybersecurity Engineer

Orbia Advance Corporation is a Purpose-led company with big aspirations. We are out to advance life around the world while maximizing value to our shareholders, customers and employees. The Company is passionate about the topics that define how people will live and thrive tomorrow: the future of cities, buildings, agriculture, and materials. Orbia Advance Corporation has five business groups which offer innovative solutions across multiple industries including building and infrastructure, data communications, chemicals and more. In 2018, Orbia Advance Corporation bought a majority stake in Israeli-based Netafim, the world’s leader in drip irrigation, and is helping the world ‘grow more with less’ as it helps to solve food and water scarcity. Orbia Advance Corporation has operations in 41 countries with more than 22,000 employees.

We started as a producer of commodities and have evolved to become a provider of innovative solutions that address the global issues of rapid urbanization, water and food scarcity, and a growing and aging population. We’re already a global leader in Polymers, Fluor, Building & Infrastructure, Datacom, and Precision Irrigation. We have embarked on a CEO-led transformation, as part of our journey to become a truly purpose-led, future fit company.

Position Complexity

The role will be the engineering lead in Orbia’s Cyber Incident Response Team (CIRT), and will have influence on the cyber threat detection and incident response program globally. This role will work with a wide range of global stakeholders to enable, enrich, and enhance incident response, help to mature and advance CIRT’s automation and orchestration program, interface with our vendors, and more.

The impact of the cyber threat detection/incident response strategy is material to Orbia and is part of a larger security operations strategy. Precedents set in this program will be replicated across other functions, and significant risk reduction and breach/reputation protection across the business will hinge on the success of this program.

Main Purpose and Responsibilities

Provide technical thought leadership within the Cyber Incident Response Team (CIRT) engineering function.
Participate in the incident response on-call rotation (once a month or so) handling escalations from our Managed Detection and Response (MDR) provider as high priority alerts are raised.
Work with internal stakeholders and peer teams to drive service and integration improvements, establish internal best practices, and produce knowledgebase documentation.

Determine and analyze the root cause of recurring cybersecurity technology issues or outages and recommend and implement strategies to prevent reoccurrence in the future.
Collaborate with incident response personnell to develop business and technical requirements for detection and response automation and orchestration use-case implementation in technology platforms and CIRT services.
Develop and create alarms, dashboards, and workflows to allow quicker and more efficient insight into security events and the cybersecurity tehcnology portfolio.
Proactively research current cyber threat landscape, cyber threat trends, threat actors/groups, and exploit campaigns.
Develop, build, and maintain log observability pipeline data flows and transformations in support of detection and investigation functions with a focus on correlation and normalization.
Leverage scripting and programming abilities to automate repeatitive tasks.
Continually evaluate cybersecurity technology integrations for efficiency and efficacy, and support net-new technology acquisition integration into existing workflows and processes.
Validate security control coverage against new or emerging cyber threats. Contribute to engineering initiatives to operationalize cyber threat intelligence sources within Orbia’s detection and response technology portfolio.

Knowledge

Relevant security certifications (e.g. CISSP, GCIH, GCIA, CEH, etc.).
Knowledge of relevant frameworks, including Cyber Kill Chain and MITRE ATT&CK.
Deep technical knowledge of security solutions and architecture principles and processes.
Expert knowledge of scripting/programming languages, such as Python and Javascript.
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
Excellent analytical and problem-solving skills.
Ability to build strong partnerships in a matrixed environment.
Ability to learn, grow and take on expanded duties as business needs evolve.
Superb judgment and integrity, including excellent decision-making skills and a sense of urgency.

Education

**Minimum**: 4 year Bachelor degree or HS diploma with equivalent experience.

**Desirable**: Bachelors degree in Computer science, Engineering or Business

Experience

**8+ years of experience in one or more of the following areas**: Information Security, Security Operations, Digital Forensics/Incident Response, Cyber Threat Hunting, or Cyber Th