Company: Baker Hughes
Skills: IT - Analysis & Management, Risk Management
Experience: 7+ Years
Education: High School/Secondary
Location: Austin, Texas, United States


Lead Cyber Incident Responder (Remote)

Do you enjoy being part of a successful team?

Do you like working in collaborative teams and solving technical problems?

Join our Digital Technology Team!

Our Digital Technology business provides intelligent, connected technologies to monitor and control our energy extraction assets. We provide customers with the peace of mind needed to reliably and efficiently improve their operations. Our team creates business value through continuous improvement in up-time, resilience, performance, time to market, security and compliance.

Partner with the best

As a Sr. Staff Incident Responder, you will provide prevention, detection, response, and remediation activities to ensure information assets and technologies are adequately protected. This includes EDR, SIEM, AV, IDS/IPS and more. In this role you will provide guidance to junior analysts, work with technology teams to tune rules, and serve as an incident commander for cybersecurity incidents impacting the Baker Hughes environment.

As a Sr. Staff Incident Responder, you will be responsible for:

• Serving as an escalation point from junior analysts to provide triage and response guidance

• Managing cybersecurity incidents, including identification, containment, eradication, and remediation

• Assisting in the development of new use-cases in the SIEM alongside the Threat Detection Operations and Security Engineering teams

• Developing processes and procedures for incident response to help standardize Detection & Response activities

• Leveraging cyber threat intelligence indicators provided by the CTI team to help enrich detection and response

• Performing threat hunting activities using data collected from within the Baker Hughes environment

Fuel your passion

To be successful in this role you will:
  • Have at least 7 years of experience in cybersecurity, with a focus on detection and response to malicious activity using log data from systems, network devices, and security tools
  • Have experience with core enterprise infrastructure and security-supported technologies including data protection elements such as DLP, tokenization, encryption, endpoint security, and perimeter protection such as firewalls or WAF, SIEMs, IPS/IDS, and managed security services
  • Have scripting experience with Bash, PowerShell, or Python and the ability to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts
  • Have experience developing detection logic for enterprise SIEM systems and with exploitation techniques and use case development
  • Have experience writing procedural documentation (playbooks and runbooks) to serve as job aids for junior analysts
  • Have experience with cybersecurity tools and software, e.g., Splunk, McAfee, CrowdStrike, Windows Defender, SELinux, Syslog, Palo Alto, and Cisco
  • Have experience serving as a team leader for junior analysts, providing ad hoc guidance and more formal training
  • Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
  • Have strong oral and written communication skills and strong interpersonal and leadership skills


Work in a way that works for you

We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive

• This role is remote based

Working with us

Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.

Working for you

Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:

• Contemporary work-life balance policies and wellbeing activities

• Comprehensive private medical care options

• Safety net of life insurance and disability programs

• Tailored financial programs

• Additional elected or voluntary benefits

About Us

With operations in over 120 countries, we provide better solutions for our customers and richer opportunities for our people. As a leading partner to the energy industry, we're committed to achieving net-zero carbon emissions by 2050 and we're always looking for the right people to help us get there. People who are as passionate as we are about making energy safer, cleaner and more efficient.

Join Us

Are you seeking an opportunity to make a real difference in a company with a global reach and exciting services and clients? Come join us and grow with a team of people who will energize and inspire you!

Join Us:
Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let's come together and take energy forward.

Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.