Lead Security Analyst – Incident Response

Since 1869, we've connected people through food they love. We’re proud to be stewards of amazing brands that people trust. Our portfolio includes the iconic Campbell’s brand, as well as Cape Cod, Chunky, Goldfish, Kettle Brand, Lance, Late July, Pacific Foods, Pepperidge Farm, Prego, Pace, Rao’s Homemade, Snack Factory, Snyder’s of Hanover. Swanson, and V8. 

Here, you will make a difference every day. You will be supported to build a rewarding career with opportunities to grow, innovate and inspire. Make history with us.

Why Campbell’s…

• Benefits begin on day one and include medical, dental, short and long-term disability, AD&D, and life insurance (for individual, families, and domestic partners).
• Employees are eligible for our matching 401(k) plan and can enroll on the first day of employment with immediate vesting.
• Campbell’s offers unlimited sick time along with paid time off and holiday pay.
• If in WHQ – free access to the fitness center. Access to on-site day care (operated by Bright Horizons) and company store.
• Giving back to the communities where our employees work and live is very important to Campbell’s.   Our “Campbell’s Cares” program matches employee donations and/or volunteer activity up to $1,500 annually.
• Campbell’s has a variety of Employee Resource Groups (ERGs) to support employees.

How you will make history here…

As a key member of Campbell’s Cybersecurity Incident Response Team this individual will be responsible for detection, validation, containment, remediation, and communication for cybersecurity events and incidents such as malware infections, potential system compromises, Distributed Denial of Service (DDoS) attacks, and privacy breaches. This individual will be a key member on a team responsible for the rapid response and resolution of security incidents across the Campbell footprint including on-premises, the Cloud, and third-party hosted applications. This role involves working with internal and external teams to identify root causes, restore services and communicate status to affected stakeholders. In addition, the individual will be involved in activities to improve the security posture and incident response capabilities of the organization including process automation, purple team testing, metrics reporting and threat hunting.

What you will do…

50% - Incident Response

• Perform cybersecurity incident response including security event analysis, incident handling, reporting, and threat analysis. The role involves coordination with Campbell’s third-party Managed Security Services Provider (MSSP), internal information technology teams and other parties who may be engaged in the event of a cybersecurity event or incident.
• Analyze and triage events, anomalies, and incidents to ensure appropriate identification of risk to company systems and information whether on-premises, in the Cloud or managed by a third party.
• Lead, oversee and participate in the forensic analysis of cybersecurity incidents.
• Communicate and coordinate response efforts including working with the third-party MSSP, Information Technology teams, Business Leaders, Legal, Chief Security Officer and other Third Parties to mitigate the impact of a security or privacy breach.
• Prepare situation reports, escalate to leadership, and perform root cause analysis.
• Develop and report KPI’s to enable continuous improvement of information security risk management controls.

25% - Enhance/Implement Capabilities to Strengthen Detection and Response Capabilities

• Share lessons learned from incident response and threat hunting to strengthen detection and response capabilities.
• Model insider and external threats to Campbell’s systems and data.
• Assess existing detection and response capabilities and provide recommendations for improvement.
• Leverage security orchestration (SOAR) to automate security response procedures.
• Maintain and enhance security monitoring and incident response procedural documentation.
• Partner with the third-party MSSP to develop KPI’s for management.
• Validate the efficacy of security monitoring through attack simulation and purple team testing.
• Leverage lessons learned, threat modelling and emerging industry better practice, to analyze the effectiveness of the existing program (policies, technology, and awareness) to continuously improve the detection and response capabilities of the organization.
• Partner with Security Business Analysts, Security Architects to identify security logging and monitoring requirements for new initiatives especially those with privacy implications.

25% - Threat Intelligence and Threat Hunting

• Proactively seek to uncover indicators of compromise that will identify whether Campbell’s systems have been breached.
• Collect and aggregate threat intelligence from a wide variety of sources and assess for relevance to Campbell’s environment.
• Create hypotheses for analytics and testing of threat data.
• Partner with the third-party MSSP, Threat Intelligence firms and other parties to identify threats that may impact Campbell.

Job Complexity:

• Appropriately balances security risk and business impact to ensure effectiveness of detection and response controls. To be effective the position must partner with third parties, business analysts, internal and external stakeholders.
• Ability to analyze threat intelligence data to develop strategic plans and budget to address emerging risk.
• Ability to build operational processes using industry best-practice that are tailored to Campbell’s organization, system, and processes.
• Ability to effectively communicate risk including corrective action plans/recommendations to non-technical audiences including Campbell’s Executives and the Board of Directors.
• Ability to create effective reports and presentations tailored to different audiences to ensure transparency and understanding of the program.
• Ability to gather information from multiple sources to quickly assess the impact of a potential security event/breach within the environment.
• Translate security events into non-technical language for leadership.
• Ability to analyze and identify tasks suitable for automation.

What you bring to the table…

7-10+ years in Information Security

5+ yrs in Incident Response

• Strong analytical skills including the ability to assess the severity and impact of a security incident.
• High level of technical expertise in information security, including deep familiarity with relevant penetration and intrusion techniques and attack vectors.
• Demonstrated ability to collaborate effectively with operational teams internally and with a third-party Managed Security Services Provider (MSSP).
• Excellent investigative skills, insatiable curiosity, and an innate drive to win.
• Instinctive and creative, with an ability to think like the enemy
• Ability to demonstrate strong computer knowledge of network protocols, desktops, servers, cloud and software as a service technology.
• Experience with Security Information and Event Management (SIEM) platforms, next generation firewalls, email security platforms, Endpoint detection and response technologies, Data Loss Prevention Software, Web Proxies, and Web Application Firewalls.
• Familiarity with common scripting languages like Python and/or Powershell.
• Familiarity with commonly deployed information technology resources including email, web, network, workstation and servers.
• Strong problem-solving and trouble-shooting skills
• Self-motivated and able to work independently.
• Strong written and verbal communication skills.

Candidates local to our corporate office in Camden, NJ preferred but open to remote (with occasional travel to corporate office)

Compensation and Benefits:

The target base salary range for this full-time, salaried position is between 

Individual base pay depends on work location and additional factors such as experience, job-related skills, and relevant education or training. Total pay may include other forms of compensation. In addition, we offer competitive health, dental, 401k and wellness benefits beginning on the first day of employment. Please ask your Talent Acquisition Partner for more information about our total rewards package.

The Company is committed to providing equal opportunity for employees and qualified applicants in all aspects of the employment relationship, including consideration for employment, without regard to race, color, sex, sexual orientation, gender identity, national origin, citizenship, marital status, protected veteran status, disability, age, religion, or any other classification protected by law.