Bring more to life.

At Danaher, our work saves lives. And each of us plays a part. Fueled by our culture of continuous improvement, we turn ideas into impact – innovating at the speed of life.

Our 63,000+ associates work across the globe at more than 15 unique businesses within life sciences, diagnostics, and biotechnology.

Are you ready to accelerate your potential and make a real difference? At Danaher, you can build an incredible career at a leading science and technology company, where we're committed to hiring and developing from within. You'll thrive in a culture of belonging where you and your unique viewpoint matter.

Learn about the Danaher Business System which makes everything possible.

The Senior Engineer, Incident Response is responsible for helping protect Danaher's assets and data through cybersecurity event investigation and response. This role is part of a high-performing team delivering essential cybersecurity services to our operating companies.

This position is part of the Danaher Corporate Information Security team, reporting to the Senior Manager, Security Operations. This is a Danaher Corporate role, hosted by our Cytiva operating company in Krakow.

In this role, you will have the opportunity to:

- Lead cybersecurity incident response and investigations for moderate to high complexity events.
- Analyze large and complex technical data sets to identify abnormal user, network, and system activity warranting further investigation using SIEM, EDR, and SOAR tools.
- Proactively identify security and process gaps and work with colleagues to increasingly gain visibility and implement remediations.
- Correlate disparate data sources to provide a holistic picture of our threat detection capability, and lead continuous improvement initiatives related to MITRE ATT&CK coverage.
- Serve as a leader and provide guidance in assisting IT and security personnel in the collection and review of artifacts pertaining to the investigation, including briefing key leaders on technical findings and business impact.
- Identify use cases for implementation in EDR/SIEM to improve detection coverage.

The essential requirements of the job include:

- A minimum of 7 years of experience in information technology, with a significant portion devoted to security operations, security engineering, or incident response.
- Strong understanding of technology concepts such as TCP/IP, DHCP, DNS, authentication, authorization, Microsoft Active Directory and Windows OS architecture, and network traffic control.
- Maintain strong information security knowledge of threat actor tactics, techniques, and procedures to identify potential risks and develop achievable and effective mitigation strategies.
- Ability to review and determine the functionality of advanced malicious scripts written in Python or another common scripting language.
- Track record of working as an individual contributor and as a member of a matrixed team, with the ability to coach, review, or delegate work to lower-level professionals and lead through influence.

It would be a plus if you also possess previous experience in:

- Bachelor's degree in a related field or equivalent work experience.
- Previous experience in large global complex environments.
- Prior experience in disk forensics, memory forensics, and/or cloud response.
- Prior experience working with a Security Operations Center or Managed Security Services Provider (MSSP) to implement and enhance threat detection and response capability.
- Specialized industry certifications such as CISSP, GIAC GSEC, GIAC GCIH and GIAC GREM.

Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.

For more information, visit .