Senior Associate/Associate Manager, Internal Investigations - Information Security
Racine, Wisconsin
Job ID 10427
- Triage and lead escalated security events and incidents related to internal privileged access, sensitive data incidents or other potential breaches of company policy.
- Accountability for managing internal investigations, directing resources to execute investigative steps while preserving chain of evidence when necessary.
- Manage and address high risk issues such as Data Loss Prevention findings, Behavior Analytics anomalies and admin rights reviews.
- Support internal threat operations, coordination with other company departments, and effective integration with the Internal Investigation process.
- Lead and manage security incidents with other key departments to resolve high or critical severity level incidents related to insider threats.
- Internal investigations aim to uncover the truth about alleged misconduct within the organization. But a good internal investigation must do so without compromising the relationship with innocent employees or unnecessarily damaging anyone's reputation. That calls for good planning, consistent execution, analytical skill, sensitivity and a solid grasp of the legalities involved.
- Digital forensics in support of internal investigations and litigation activities by preserving, harvesting, and processing electronic data according to company policies and external requirements (e.g. insurance underwriter, regulatory, etc.)
- Produce incident reports while managing sensitive and/or confidential information
- Review and document various forms of digital evidence: financial/transaction records, web traffic/IP address logs, audit logs and open source data for potential threats/subjects
- Manage forensic lab operations to ensure quality forensics and data preservation per industry standards.
- Process data collections to support business continuity requirements and Privacy regulations.
- Assist Internal Investigations management in managing the internal investigations program, including compliance, fiscal management, strategic planning, and the execution of assigned business critical projects and programs.
- 5+ years of IT experience with 2 or more years’ experience performing Cybersecurity operations and Cybersecurity engineering specific to the key responsibilities mentioned above.
- Demonstrated skills in Digital Forensics, Data Loss Prevention, Behavior Analytics threat hunting, and incident response/handling
- Strong understanding of Windows and Linux operating systems, Identity and Access Management technologies and cloud solutions (e.g. Office365)
- Strong understanding of network architecture and technologies
- Understanding of mobile endpoints and management technologies
- Experience with scripting languages such as Python or PowerShell
- Effectiveness in building trust, respect and cooperation to develop cooperative and constructive working relationships and teams
- Excellent communication skills including verbal, written and presentation skills, which include technical report writing and dashboard building
- Able to work independently and manage work effectively with shifting priorities and challenges
- Must be SSCP, Security+ or similarly certified or obtain certification within the first year
- Preferred additional certifications in any of the following: CISSP, SANS-GIAC (GCFE, GCFA, GCIH, GNFA, GCED) or equivalent
- Undergraduate degree in Computing Science, Information Management, MIS or related.
SC Johnson & Son, Inc. is an equal employment opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, marital status, pregnancy, sexual orientation, ancestry, genetic information, or any other characteristic protected by law.