Howmet Aerospace is currently in search of a Cyber Security, Senior Incident Responder to join the Global Information Systems group in Pittsburgh, PA. This is a crucial role in safeguarding Howmet's digital assets through proactive detection and analysis as well as responding to cyber security incidents in a timely manner. This position provides support across Howmet's global business and resource units.

Major Activities/Key Challenges:

Supports development of a cyber security architecture plan for the company:

• Ensure compliance with Howmet Aerospace's Global Information Systems cyber architecture and processes and all supporting tools, technology, and organizational components
• Serve as a subject matter expert in incident response practices, including the design of incident management and response policy and procedures, and execution of the incident response program
• Support daily and emergency help chain to business segments and corporate resource units on the execution of the company's cyber security requirements
• Lead site assessments and threat analyses for Howmet Aerospace corporate and business locations
• Supporting regular bench-marking exercises to test both the principles and overarching designs of our cyber security architecture

Drives change and transformation from the company's current cyber security program to more secure states:

• Receive, assess, prioritize, and resolve tier 2/3 incident escalations and also provides support on a rotating, on call schedule
• Supports the daily incident identification, assessment, and response for the company's Security Information and Event Management System (SIEM)
• Supports the development of a formal cyber security risk assessment program and maintaining a vulnerability/gap/response assessment program
• Drives the development and deployment of the cyber security architecture for infrastructure and applications globally, ensuring architecture consistently addresses current and emerging cyber threats
• Supports the development and ongoing enforcement of standards for application security, development and production as well as for third party and supply chain systems
• Leads ongoing initiatives to develop, collect, and analyze integrated logs for the SIEM to assist in forensic analysis and cyber event response
• Supports ongoing activities to develop, communicate, and support appropriate standards and risk controls associated with digital data
• Supports the development and maintenance of a company Data Protection program

Essential knowledge, skills and abilities:

• Self-driven, capable of taking initiative to proactively problem solve and identify solutions
• Solid problem-solving skills; ability to create and think through complex technical problems and identify and resolve gaps / risk swiftly
• Organizational skills and discipline to build and maintain structured plans
• Sound judgement; ability to objectively view and assess cyber security alternatives grounded in logic
• Strong collaboration and interpersonal skills to build relationships across global teams, appropriately managing difficult or highly technical conditions
• Results driven and accountable for actions
• Adaptable, can pivot approach to match shifting demands and navigate team dynamics
• Works equally well whether independently or as part of a physical or virtual, global team
• Ability to work with data of highest sensitivity in complete confidence

Basic Qualifications:

• Associate's degree from an accredited institution
• Minimum 5 years leading response to cyber security incidents
• Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of Hire. Visa sponsorship is not available for this position.

Preferred Qualifications:

• Bachelors' degree from an accredited institution
• Cyber security certification(s) such as: CEH, SANS GCIH, CompTIA Network+, CompTIA Security+
• Experience working incident investigations including escalations 3rd party Cyber Security partners and company management
• Cyber Security Operation Center experience in monitoring, incident response, or digital forensics
• Knowledge of Firewall, proxy, reverse proxy, VPN
• Understanding of the generated logs and security architectures.
• Knowledge of standard protocols (HTTP, FTP, DNS, SSL ...)
• Knowledge of Windows / Linux architectures
• Knowledge of Microsoft M365 security

Salary range: $110k - $130k/year approximation (Actual compensation is subject to variation due to factors such as education, experience, skillset, and/or location).