Principal Engineer – Cyber Incident Response

About Myhrabc

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Summary

The Principal Engineer, Cyber Incident Response, will serve as a senior technical expert within the global Cyber Defense team. This role is responsible for leading complex investigations, advancing detection and response capabilities, and providing deep technical expertise during major incidents.

Key Responsibilities

• Lead technical response and investigation of complex and high-severity security incidents, including advanced persistent threats, ransomware, and insider activity.
• Provide hands-on expertise in forensic analysis, malware reverse engineering, and threat hunting across endpoints, networks, and cloud environments.
• Develop and refine incident response playbooks, detection rules, and automation to improve SOC efficiency and response times.
• Partner with engineering teams to design and implement resilient detection and response capabilities across SIEM, EDR, SOAR, and cloud platforms.
• Mentor and provide technical guidance to SOC analysts, incident responders, and engineering teams.
• Collaborate with threat intelligence teams to translate threat actor tactics, techniques, and procedures (TTPs) into actionable detection and response strategies.
• Serve as a technical escalation point during major incidents and contribute to root cause analysis and lessons learned reporting.
• Contribute to red/blue/purple team exercises to validate detection and response effectiveness.
• Provide input on security architecture, tooling enhancements, and emerging technologies to strengthen enterprise cyber defense.

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent work experience; Master’s degree preferred.
• Advanced knowledge of incident response methodologies, digital forensics, malware analysis, and adversary simulation.
• Familiarity with industry frameworks such as NIST, MITRE ATT&CK, and ISO 27035.

Preferred Qualifications

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Reverse Engineering Malware (GREM)
• GIAC Certified Forensic Analyst (GCFA)
• Offensive Security Certified Professional (OSCP)