FreshRemote.Work

Sr. CyberThreat Engineer - Incident Response (Remote)

Remote

Job Posting:

Since 1953, Ferguson has been a source of quality supplies for a variety of industries. Together We Build Better infrastructure, better homes and better businesses. We exist to make our customers’ complex projects simple, successful, and sustainable. We proactively solve problems, adapt and grow to continuously serve our customers, communities and each other. Ferguson is proud to provide best-in-class products, service and capabilities across the following industries: Commercial/Mechanical, Facilities Supply, Fire and Fabrication, HVAC, Industrial, Residential Trade, Residential Building and Remodel, Waterworks and Residential Digital Commerce. Ferguson has approximately 36,000 associates across 1,700 locations. Ferguson is a community of proud associates who operate with the shared purpose of building something meaningful. You will build a career that you are proud of, at a company you can believe in.

Job Title: Senior CyberThreat Engineer - Incident Response

Department: Ferguson, Associate Technology and Cyber Operations

The CyberThreat Engineer is a technical contributor on the CyberThreat Prevention Team, whose mission is to prevent, detect, and respond to security incidents and to drive remediation across the enterprise. This specific position is responsible for the technical platforms and related standards that support the CyberThreat Prevention team’s mission. This includes subject-matter leadership for the operation and stewardship of security technology and processes that detect, prevent, and respond to threats to Ferguson’s IT infrastructure and services. Technology platforms include operating and/or integrating with Security Incident Management, Threat Intelligence, Security Information and Event Management (SIEM), Email Security, Firewalls, DDoS prevention, Wireless Security, URL Filtering, Intrusion Prevention, and related systems. This position works directly with IT, headquarters, branch management, and external business partners to achieve vital business goals.

This position requires strong partnership with IT, Security, the business, the third-party SOC, and other key collaborators to ensure that Ferguson can execute its business plans.

**This role is approved to be fully remote and can be based anywhere in the United States.**

Duties and Responsibilities:

Threat Prevention and Incident Response

  • Drive the incident response process, including actively responding, mitigating, and/or providing direction to related collaborators.
  • Conduct in-depth analysis of security incidents to determine root cause, impact, and remediation steps.
  • Assist the Incident Response Lead in handling incidents and coordinating response efforts.
  • Provide stewardship of all process and technology aspects of CyberThreat Prevention services.
  • Engage with the third-party SOC to implement high-quality, efficient processes, and drive “shift left” processes and response automation.
  • Assist the Incident Response Lead …