Sherwin-Williams · 20 hours ago
CSOC Incident Response Lead
Sherwin-Williams is a company dedicated to inspiring and improving the world through innovative solutions. They are seeking a CSOC Incident Response Lead to oversee and coordinate the response to all security incidents, ensuring effective communication and risk minimization during incidents.
Chemical, Manufacturing, Sales
Responsibilities
Serve as the primary point of contact and decision-maker during cybersecurity incidents
Assist in utilization of the full CSOC toolset in support of IR (i.e. SIEM / SOAR, sandbox, email security, Endpoint Detection and Response, etc.)
Lead and coordinate incident response efforts within the Triage & Response team, including mobilizing resources, assessing the situation, and implementing response plans
Collaborate with internal and external stakeholders to gather information, assess impact, and prioritize response actions
Provide clear and timely communication to stakeholders, including executive leadership, throughout the incident lifecycle
Implement and refine the analysis and forensics process
Implement and refine incident response procedures, protocols, and playbooks to enhance effectiveness and efficiency
Conduct monthly post-incident reviews to help identify lessons learned, areas for improvement, and enforce consistent action item remediation with analysts, engineers, and relevant stakeholders
Stay abreast of emerging cyber threats, vulnerabilities, and best practices in incident response through collaboration with Vulnerability Management and Cyber Threat Intelligence teams
Hold monthly workshops with stakeholders from Information Technology and Operational Technology to discuss on-going and future initiatives related to Incident Response
Collaborate with security engineers to enhance detection and playbook automation
Lead tabletop exercises with CSOC team members and internal stakeholders to facilitate training, identify gaps, and support continuous improvement
Assist with managing the IR database to ensure adherence to audit and compliance requirements
Support CSOC manager with vendor management of the IR retainer(s)
Oversee formal / informal IR training. Identify training opportunities with unused IR retainer credits
Qualification
Required
Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience)
8+ years IT/Cybersecurity experience
Proven experience leading and coordinating IR efforts in a fast-paced environment
Strong technical knowledge of network security, malware analysis, intrusion detection, and related technologies
Excellent communication and interpersonal skills, with the ability to interact effectively with stakeholders at all levels and explain technical information to non-technical stakeholders
Ability to remain calm and focused under pressure, with a commitment to delivering results
Understanding of various operating systems (z/OS, Windows, UNIX, Linux, AIX, etc.)
Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future
Must be eighteen years or older
Preferred
Relevant certifications such as the GIAC Incident Handler (GCIH)
Previous experience with IR and handling
Deep understanding of cybersecurity concepts, including incident response methodologies and threat intelligence
Familiarity with relevant cybersecurity frameworks and regulations (e.g., NIST, GDPR)
SIEM/SOAR solutions, such as Splunk and Sumo Logic
CSOC or working with a Managed Security Service Provider
Threat Intelligence Platform (TIP) and importance of integrating into the SIEM in support of IR and Indicators of Compromise
Exposure to Incident Response in the Operational Technology domain
Benefits
Life … with rewards, benefits and the flexibility to enhance your health and well-being
Career … with opportunities to learn, develop new skills and grow your contribution
Connection … with an inclusive team and commitment to our own and broader communities
From retirement to health care, from total well-being to your daily commute—it matters to us.
Company
Sherwin-Williams
Sherwin-Williams Company engages in the development, manufacture, distribution, and sale of paints, coatings, and related products.
Funding
Current Stage: Public Company
Total Funding: unknown
IPO: 1964-02-11
Company data provided by crunchbase