Cyber Security – Incident Responder

Howmet Aerospace is currently in search of a Cyber Security – Incident Responder to join the Cyber Security group in Pittsburgh, PA. The primary purpose of the Cyber Security – Incident Responder is to provide support for the company's cyber security initiatives, projects, and ongoing activities.

Major Activities/Key Challenges:

Support development of a cyber security incident response program for the company, including:

• Ensure compliance with Howmet Aerospace's Global Information Systems cybersecurity program and processes and all supporting tools, technology, and organizational components
• Provide input to incident response practices, including incident management and response policy and procedures, and execution of the incident response program
• Support daily and emergency help chain to business segments and corporate resource units on the execution of the company’s cybersecurity requirements
• Supports site assessments and threat analyses for Howmet Aerospace corporate and business locations
• Assists in educating associates on cybersecurity policy and best practices
• Supports updating emergency contacts and resources to maintain current incident response plan

Under the general direction of the company's Senior Manager, Cybersecurity Operations, supports ongoing and future improvement to company’s cybersecurity operations program, including but not limited to;

• Receive, assess, prioritize, and resolve tier 1/2/3 incident escalations on a rotating on-call schedule 
• Supports the daily incident identification, assessment, and response for the company's Security Information and Event Management System (SIEM)
• Understanding of standards and governance for data and asset protection
• Maintain and support cybersecurity awareness training and exercise program
• State-of-security awareness that is measured, tracked, analyzed, and reported
• Supports the development and ongoing enforcement of the cyber security risk assessment program, standards for application security (for development and production), standards for third party and supply chain cyber security, and the company Data Protection program 

Essential knowledge, skills, and abilities:

• Capable of identifying cyber security risk and mitigation strategies, technologies, programs, and operations
• Self-driven, capable of taking initiative to proactively problem solve and identify solutions
• Solid problem-solving skills; ability to think through complex technical problems and identify and resolve gaps/risks
• Organizational skills and discipline to build and maintain structured security initiatives
• Sound judgment; ability to objectively view and assess cyber security alternatives
• Strong collaboration and interpersonal skills to build relationships across global teams, appropriately managing difficult or highly technical conditions
• Results driven and accountable for actions
• Works equally well whether independently or as part of a physical or virtual global team
• Sound investigation skills
• Ability to work with data of highest sensitivity in complete confidence
• This position may require up to 5% domestic travel for business needs, including site visits, meetings, or training sessions.  All travel will be planned in advance. 

Basic Qualifications:

• Associate’s degree from an accredited institution
• Experience investigating cyber security incidents and following through to resolution
• Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of Hire.  Visa sponsorship is not available for this position.

Preferred Qualifications:

• Bachelors’ degree from an accredited institution
• Cyber security certification(s) such as: CEH, SANS GCIH, CompTIA Network+, CompTIA Security+
• Experience working incident investigations including escalations 3rd party Cyber Security partners and company management
• Cyber Security Operation Center experience in monitoring, incident response, or digital forensics
• Knowledge of Firewall, proxy, reverse proxy, VPN
• Understanding of the generated logs and security architectures.
• Knowledge of standard protocols (HTTP, FTP, DNS, SSL ...)
• Knowledge of Windows / Linux architectures
• Knowledge of Microsoft M365 security

 

Salary range: $70 – 90k/year approximation (Actual compensation is subject to variation due to factors such as education, experience, skillset, and/or location).

Howmet Aerospace Inc. (NYSE: HWM), headquartered in Pittsburgh, Pennsylvania, is a leading global provider of advanced engineered solutions for the aerospace and transportation industries. Our primary businesses focus on jet engine components, aerospace fastening systems, titanium structural parts and forged wheels. With $6.6 billion in revenue in 2023, our products play a crucial role in enabling fuel efficiency and lightweighting, contributing to our customers’ success and making a positive impact on the world. To learn more about the way Howmet Aerospace Inc. is advancing the sustainability of our customers, markets, and communities where we operate, review the 2023 Environmental Social and Governance report at www.howmet.com/esg-report. Follow: LinkedIn, Twitter, Instagram, Facebook, and YouTube. Equal Opportunity Employer: Howmet is proud to be an Equal Employment Opportunity and Affirmative Action employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or other applicable legally protected characteristics. If you need assistance to complete your application due to a disability, please email TalentAcquisitionCoE_Howmet@howmet.com