Engineer III - Cyber Incident Response

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Position Summary
The Engineer III, Cyber Incident Response, is a senior technical role within the Security Operations Center (SOC) responsible for leading complex incident investigations and supporting the continuous improvement of detection and response capabilities. This role provides advanced technical expertise in identifying, analyzing, containing, and remediating cyber threats. The Engineer III will act as a mentor to junior analysts, serve as an escalation point for critical incidents, and collaborate with global cyber defense teams to ensure timely and effective responses to advanced threats.
Primary Duties and Responsibilities

• Lead the investigation and resolution of complex security incidents, including advanced persistent threats, ransomware, phishing campaigns, and insider activities.
• Perform forensic analysis across endpoints, networks, and cloud environments to identify root causes and scope of compromise.
• Develop and enhance incident response playbooks, runbooks, and detection use cases.
• Collaborate with threat intelligence, vulnerability management, and countermeasures teams to strengthen defenses.
• Escalate high-severity incidents to senior leadership and provide clear, actionable reporting.
• Act as a technical escalation point for Engineer I/II analysts during incident investigations.
• Contribute to red team and purple team exercises to validate and improve response capabilities.
• Participate in after-action reviews and lessons-learned sessions to improve SOC processes.
• Mentor and train junior engineers on incident response best practices and investigative techniques.

Education and Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience; Master's degree preferred.
• Strong knowledge of incident response methodologies, digital forensics, and adversary tactics.
• Familiarity with security frameworks such as NIST, MITRE ATT&CK, and ISO 27035.

Preferred Certifications

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Forensic Analyst (GCFA)
• Certified Ethical Hacker (CEH)
• Certified Information Systems Security Professional (CISSP)

Work Experience

• 5-7 years of progressive experience in cybersecurity, with at least 3 years in incident response or SOC operations.
• Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, EnCase, Wireshark).
• Proven ability to investigate advanced threats and coordinate response activities across teams.
• Demonstrated success in mentoring junior analysts and improving SOC processes.
• Strong written and verbal communication skills with the ability to document and present technical findings clearly.

What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora
Full time
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
Affiliated Companies
Affiliated Companies: AmerisourceBergen Services Corporation