Fast Facts

Join Elsevier as a Senior InfoSec Incident Response Engineer, where you will lead cyber forensic investigations and enhance security protocols against emerging threats.

Responsibilities: Develop and execute security incident response plans, lead investigations of security incidents, analyze security events, and improve security capabilities.

Skills: Advanced knowledge of cloud security, forensic investigation, risk mitigation, vulnerability assessment, and security event analysis.

Qualifications: Licensing/certification in related fields such as CISSP, CISM, or ethical hacking required; experience in security threat analysis preferred.

Location: Home based-Pennsylvania, United States of America

Compensation: Not provided by employer. Typical compensation ranges for this position are between $110,000 - $150,000.

Elsevier employs 9,200 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.

Are you looking for a unique Cyber Security role whereby you will provide key insight and research into new threats, exploits, and mitigation techniques?

About the role: You will be entrusted as the senior most technical member of incident response handler for our global information security organization

About the team: This global team supports the Information Security department’s goals and objectives by addressing escalations, and evaluation of technology controls providing key insight and research in new threats, exploits, and mitigation techniques

Key Responsibilities:

• Help improve the resilience and readiness of security protection and mitigation technologies and processes which ensure the confidentiality, integrity, and availability of the organization’s assets, information, data, and IT services in an efficient manner.
• Develop and execute security incident response plans, conduct cyber forensic investigations on physical endpoints and cloud platforms, independently lead the full life-cycle of incident response investigations of all reported security incidents.
• Develop comprehensive incident reports and investigation summaries. Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems.
• Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
• Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.
• Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.

Requirements

• Advanced knowledge of security of cloud agnostic infrastructure.
• Ability to conduct forensic and incident response investigations. Understanding of incident response and risk mitigation workflow and planning.
• Analysis of security events for anomalous activity. Identification of emerging security threats.
• Able to develop and implement security improvement and remediation programs.
• Vulnerability assessment, exploitation techniques, malware reverse engineering, threat analysis, and security threat and incident reporting.
• Investigation and navigation in Cloud and Web-based environments.
• Licensing/certification required (at least one of the following): CCFE, GCFE, CISSP, CISM, SANS, GIAC, ISACA, CSRIC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification

Work in a way that works for you

We promote a healthy work/life balance across the organization. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive.

Working for you

• We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:
• Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
• Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
• Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
• Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
• Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
• Health Savings, Health Care, Dependent Care and Commuter Spending Accounts

-----------------------------------------------------------------------

Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK , or please contact 1-855-833-5120.

Please read our Candidate Privacy Policy.