Cyber Incident Response Engineer II

At Cencora, we believe that our team members are fundamental to achieving healthier futures. Every individual plays a crucial role in our mission to improve the lives of both people and animals worldwide. If you are passionate about making a difference in the health sector, we invite you to join our innovative team and apply now!

Position Summary

The Cyber Incident Response Engineer II is a mid-level role within our Security Operations Center (SOC). This position is vital for the detection, investigation, and response to cybersecurity incidents. In this role, you will conduct thorough analyses of alerts, escalate complex cases, and enhance our incident response processes and playbooks. You will work closely with global cyber defense teams to contain threats, minimize impact, and improve detection strategies. To succeed, you will need strong analytical skills, technical expertise, and the capability to perform under pressure.

Primary Duties and Responsibilities

Investigate and resolve cybersecurity incidents such as phishing, malware, ransomware, and unauthorized access attempts.

Analyze logs, alerts, and forensic data to understand the scope and impact of incidents.

Escalate complex or high-severity incidents to senior staff, providing detailed documentation and evidence.

Assist in containment, eradication, and recovery efforts during incident response.

Contribute to the creation and upkeep of SOC playbooks, runbooks, and standard operating procedures.

Collaborate with threat intelligence, vulnerability management, and forensics teams to enhance detection and response strategies.

Participate in lessons-learned sessions and suggest improvements to SOC processes and tools.

Support junior analysts by sharing knowledge and providing guidance on investigative techniques.

Education and Qualifications

Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience.

In-depth knowledge of cybersecurity fundamentals, incident response methodologies, and adversary tactics.

Familiarity with industry frameworks such as NIST, MITRE ATT&CK, and ISO 27035.

Preferred Certifications

GIAC Certified Incident Handler (GCIH)

GIAC Certified Intrusion Analyst (GCIA)

CompTIA Security+ or CySA+

Certified Ethical Hacker (CEH)

Work Experience

3-5 years of progressive experience in cybersecurity, including at least 2 years in SOC operations or incident response.

Hands-on experience with SIEM, EDR, and forensic tools (e.g., Splunk, CrowdStrike, Wireshark).

Proven ability to analyze logs, alerts, and artifacts for incident investigations.

Excellent written and verbal communication skills for documenting findings and briefing stakeholders.

What Cencora Offers

We provide a wide range of compensation and benefits designed to foster an inclusive culture and support our team members’ lives. Along with traditional benefits such as medical, dental, and vision care, we offer various resources that support overall wellness, including backup dependent care, adoption assistance, infertility coverage, family support programs, behavioral health solutions, paid parental leave, and caregiver leave. We also prioritize personal growth by providing numerous training opportunities, professional development resources, mentorship programs, employee resource groups, and volunteer activities.

Equal Employment Opportunity

Cencora is dedicated to equal employment opportunities regardless of race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or other protected classes under federal, state, or local laws. Our success relies on the effective utilization of all qualified individuals. Harassment of any kind is strictly prohibited, and we ensure compliance with equal opportunity principles in recruitment, training, compensation, benefits, promotions, and transfers.

We are also committed to providing reasonable accommodations during the employment process for individuals with disabilities, consistent with legal requirements. If you wish to request an accommodation, please reach out to our HR department during the application process. We will review each request on an individual basis.

Affiliated Companies

AmerisourceBergen Services Corporation