Cyber Security Specialist L3 (DFIR / Threat Hunting / Intelligence)
Cyber Security Specialist L3 (DFIR / Threat Hunting / Intelligence)
Cyber Security Specialist L3 (DFIR / Threat Hunting / Intelligence)
Cyber Security Specialist L3 (DFIR / Threat Hunting / Intelligence)
Cyber Security Specialist L3 (DFIR / Threat Hunting / Intelligence)

Cyber Security Specialist L3 (DFIR / Threat Hunting / Intelligence)AmerisourceBergen

What you will be doing

As a L3 cybersecurity specialist you will act as an SME and a first point of contact for security incident escalations from L1/L2 cyber operations teams and lead urgent incident investigations. You will develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures and security assessment procedures. To enforce security policies and procedures, you will monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. You will also update, maintain, and document security controls and provide direct support to the business and internal IT groups. Under the direction of Cyber Command Center Lead you will work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk.


Acts as an SME for cyber security related matters in one of the fields (DFIR, Threat Hunting or Threat Intelligence) and leads high priority & urgency incident investigations and response.

Guides L1 and L2 cyber operations teams on best practices and conducts knowledge transfer training sessions upon technology and process implementation.

Under the direction of management, implements and maintains the enterprise-wide security policies, procedures, controls, and standards to meet compliance responsibilities.

Conducts business impact analysis to ensure resources are adequately protected with proper security measures.

Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures.

Performs security assessments and security attestations.

Leads security investigations and compliance reviews.

Leads security monitoring to uncover possible security violations (e.g., breaches, unauthorized activity, fraud, etc).

Leads the response to security alerts and escalates critical incidents to correct support teams.

Develops and leads incident response exercises.

Participates in the development of information security disaster recovery test plans, testing, and documentation for each application.

May lead application security risk assessments for new or updated internal or third-party applications. ​

Develops, reviews, and implements runbooks and procedures for cyber operations’ activities.

What your background should look like


Bachelor’s Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems or other related field, or equivalent work experience.

5-7 years of combined IT and security work experience with a broad range of exposure to cybersecurity functions.

Hands-on experience with security tools, techniques, incidents, and experience designing and implementing security solutions.

Requires security certification (e.g., CISSP, GCTI, GCFA, GNFA or equivalent).


Proficiency with the following security tool categories: SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, TIP (e.g., SNYPR, Proofpoint, Palo Alto, Tanium, FireEye, MS Defender, Cisco AMP, Anomali).

Good understanding of cyber security frameworks (e.g., NIST, MITRE).

Working knowledge of network solutions and systems.

Skilled in running special investigations involving HR, Legal, and Corporate Security.

Experience leading major incident breach response activities.

Skilled in design, tuning, and assessment of security detection policies in cyber tools.

Skilled in developing cybersecurity tabletop scenarios.

Skilled in technical writing and maintenance of document & evidence repositories.

Strong project management skills, including the ability to effectively deploy resources and manage multiple projects of various diverse scope in a cross-functional environment.

Proficiency in at least one on these languages would be a plus: Turkish, Spanish, French.

What AmerisourceBergen offers

We offer a competitive annual bonus, life insurance from day 1 and a best-in-class health insurance package. As our employee you have the benefit of our referral bonus scheme, our boundless learning opportunities including language training and our global employee assistance program. We provide up to 6 fully paid benefit days a year and a wonderful office in Quadrum, equipped with everything you need for a small break at work and fresh snacks at all time.

Become part of our purpose-driven, multicultural team now and help us create healthier futures.

Daugiau jūsų paiešką atitinkančių rezultatų:

Duomenų tinklų inžinierius - konsultantas (-ė)
Blue Bridge grupė
€ 2000 – 3500
Galioja iki: 2023.02.04
Business Intelligence Analyst
€ 2500 – 4000
Galioja iki: 2023.02.18
Turto valdytojas (-a) (P. C. Europa)
People Link, UAB
€ 4200 – 6000
Galioja iki: 2023.02.10
Systems Architect
Alliance for Recruitment
€ 4000 – 6500
Galioja iki: 2023.02.19
Emplonet, UAB
€ 2806.47 – 6611.58
Galioja iki: 2023.02.02
Database Administrator / Developer
€ 4043 – 5776
Galioja iki: 2023.02.05