The Engineer II, Cyber Incident Response, is a mid-level technical role within the Security Operations Center (SOC) responsible for detecting, investigating, and responding to cybersecurity incidents. This role performs in-depth analysis of alerts, escalates complex cases, and contributes to the improvement of response processes and playbooks. The Engineer II will collaborate with global cyber defense teams to contain threats, minimize business impact, and strengthen detection capabilities. This position requires strong analytical skills, hands-on technical expertise, and the ability to operate effectively in a fast-paced environment.
Primary Duties and Responsibilities
- Investigate and respond to cybersecurity incidents, including phishing, malware, ransomware, and unauthorized access attempts.
- Perform analysis of logs, alerts, and forensic data to determine the scope and impact of incidents.
- Escalate complex or high-severity incidents to Engineer III, Lead, or Principal staff, providing clear documentation and evidence.
- Assist in containment, eradication, and recovery activities during incident response.
- Contribute to the development and maintenance of SOC playbooks, runbooks, and standard operating procedures.
- Collaborate with threat intelligence, vulnerability management, and forensics teams to strengthen detection and response strategies.
- Participate in lessons-learned sessions and recommend improvements to SOC processes and tooling.
- Support junior analysts (Engineer I) by sharing knowledge and providing guidance on investigative techniques.
What your background should look like
Education and Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience.
- Strong knowledge of cybersecurity fundamentals, incident response methodology, and adversary tactics.
- Familiarity with industry frameworks such as NIST, MITRE ATT&CK, and ISO 27035.
Preferred Certifications
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- CompTIA Security+ or CySA+
- Certified Ethical Hacker (CEH)
Work Experience
- 2-5 years of progressive experience in cybersecurity, with at least 2 years in SOC operations or incident response.
- Hands-on experience with SIEM, EDR, and forensic tools (e.g., Splunk, CrowdStrike, Wireshark).
- Demonstrated ability to analyze logs, alerts, and artifacts to support incident investigations.
- Strong written and verbal communication skills for documenting findings and briefing stakeholders.
Schedule
Full time
What the Team is Saying
Similar Jobs
What We Do
Cencora is a leading pharmaceutical solutions organization centered on improving the lives of people and animals everywhere. With 46,000+ global team members, we have the opportunity to make a positive impact on healthcare in communities everywhere.
Our team members are empowered to activate their careers through a collective of tools and resources designed to support individual career interests and aspirations. We value our listening culture that actions real outcomes and our team members appreciate and recognize one another for contributions that are making a meaningful global impact.
No matter what your role is here, the work we do together has meaning. When you join our team, you become a crucial part of a greater purpose. We’re committed to supporting you personally and professionally, so we can achieve more together at the center of health.
Gallery
Cencora Teams
Cencora Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
