Cyber Incident Response Lead

Job Description Description Cyber Incident Response Lead Syneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities. Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life. Discover what our 29,000 employees, across 110 countries already know. WORK HERE MATTERS EVERYWHERE Why Syneos Health - We are passionate about developing our people, through career development and progression supportive and engaged line management technical and therapeutic area training peer recognition and total rewards program. - We are committed to our Total Self culture - where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people. - We are continuously building the company we all want to work for and our customers want to work with. Why Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives - we're able to create a place where everyone feels like they belong. Job Responsibilities Responsibilities: - Serve as a Level 3 point of escalation for potential security events and incidents. - Lead advanced incident response activities to investigate, contain, and respond to complex and large-scale cybersecurity threats. - Manage multiple cases related to confirmed security events or incidents throughout the incident response lifecycle, ensuring thorough documentation and successful conclusion according to documented procedures. - Coordinate incident response investigation and remediation actions in alignment with standard operation procedures (SOPs) and escalate incidents according to the Enterprise Incident Response plan. - Lead cross-functional post-incident reviews to identify root cause, improve detection or prevention gaps, and eliminate identified risks. - Leverage security automation platforms to streamline incident response activities and reduce time to contain and remediate threats. - Maintain an understanding of the technological environment including common Operating Systems, cloud environments and resources, and supporting infrastructure components (e.g. firewalls, storage, infrastructure as code). - Develop and conduct regular threat hunting exercises to uncover risky activity and anomalies within the environment. - Develop and maintain regular reporting to support operational reviews of Incident Response and Threat Hunting capabilities, as well as monitor incident trends, threat landscape, and lessons learned. - Lead and participate in internal team meetings and regular vendor touchpoints to drive the continuous improvement of the Incident Response function. - Cross-collaborate with other Security and IT teams, such as Security Engineering and Workstation Engineering, to address identified gaps and drive risk reduction efforts. - Coach and mentor junior members of the Cyber Defense team. Get to know Syneos Health Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients. No matter what your role is, you'll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health. Additional Information Tasks, duties, and responsibilities as listed in this job description are not exhaustive. The Company, at its sole discretion and with no prior notice, may assign other tasks, duties, and job responsibilities. Equivalent experience, skills, and/or education will also be considered so qualifications of incumbents may differ from those listed in the Job Description. The Company, at its sole discretion, will determine what constitutes as equivalent to the qualifications described above. Further, nothing contained herein should be construed to create an employment contract. Occasionally, required skills/experiences for jobs are expressed in brief terms. Any language contained herein is intended to fully comply with all obligations imposed by the legislation of each country in which it operates, including the implementation of the EU Equality Directive, in relation to the recruitment and employment of its employees. The Company is committed to compliance with the Americans with Disabilities Act, including the provision of reasonable accommodations, when appropriate, to assist employees or applicants to perform the essential functions of the job. Summary As a member of the Cyber Threat Defense team, the Incident Response Lead will respond, contain, investigate, escalate, and coordinate mitigation of security events and incidents. This individual contributor role will join a growing team of specialized, advanced responders to support escalations from the 24x7 team to ensure remediation and recovery from identified threats. In addition to Incident Response responsibilities, this individual will lead and conduct threat hunting exercises to uncover anomalies and risks within the environment. This role will report to the Associate Director, Cyber Threat Defense with a regular Monday - Friday working schedule, with the expectation and ability to work outside of normal hours to respond to cybersecurity incidents if necessary.