Carrier Global Corp

Sr Mgr, Incident Response & Exposure Management

Carrier Global Corp, Palm Beach Gardens, Florida, United States, 33418

Sr. Manager, Incident Response & Exposure Management

Carrier's Cybersecurity team is seeking a highly skilled and experienced Sr. Manager, Incident Response & Exposure Management to lead advanced threat detection, incident response, exposure management, forensic investigations, and proactive threat hunting activities. This role requires deep technical expertise in incident response, digital forensics, network protocol analysis, threat intelligence, and enterprise attack surface management.

As a senior member of our growing Cybersecurity Operations team, you will play a critical role in identifying, tracking, and understanding threats to the organization. You'll support complex incident response investigations, analyze endpoint and network telemetry, proactively hunt for adversaries, and help reduce organizational risk by managing and minimizing the attack surface.

This is a unique opportunity to join a rapidly expanding cybersecurity team where your expertise will directly influence the development of foundational processes and outcomes. You'll work on high-impact investigations, collaborate with top-tier professionals, and help shape the future of Carrier's threat detection, response, and exposure management capabilities in a global enterprise environment.

Key Responsibilities

Lead and execute advanced incident response investigations, including endpoint and network forensics, malware analysis, and root cause determination.
Conduct proactive threat hunting using behavioral analytics, threat intelligence, and anomaly detection across enterprise systems.
Perform deep packet inspection and protocol analysis to identify malicious activity and lateral movement.
Analyze and correlate data from multiple sources (EDR, SIEM, threat intel, etc.) to detect and respond to sophisticated threats.
Identify and assess external and internal attack surface exposures, including misconfigurations, shadow IT, and vulnerable assets.
Collaborate with exposure vulnerability management teams to prioritize and remediate high-risk findings based on threat intelligence and exploitability.
Support and mentor junior analysts during investigations and threat hunting engagements.
Develop and maintain incident response playbooks, forensic procedures, and detection logic.
Interface with legal, compliance, and business stakeholders during incident response activities and post-incident reviews.
Maintain awareness of emerging threats, vulnerabilities, and adversary tactics, techniques, and procedures (TTPs).

Basic Qualifications

Bachelor's degree in Computer Science, Cybersecurity, or Information Technology.
10+ years of experience in cybersecurity operations, with a focus on incident response, digital forensics, threat hunting, Red Team, or exposure management.

Preferred Qualifications

Industry certifications such as GCFA, GNFA, GREM, OSCP, or similar.
Experience with tools such as SIEM, Wireshark, Magnet, EnCase, CrowdStrike, Qualys, and Attack Surface Management platforms.
Experience with scripting or automation (e.g., BASH, Python, PowerShell) to support investigations and data analysis.
Familiarity with cloud environments (AWS, Azure) and associated security tooling.
Experience supporting legal or regulatory investigations, including evidence handling and chain of custody.
Demonstrated experience in: SIEM and log analysis, Endpoint and network forensics, Protocol analysis (e.g., TCP/IP, HTTP/S, DNS, SMB), Target Digital Network Analyst (TDNA) or Digital Network Exploitation Analyst (DNEA), Attack surface discovery and reduction, Vulnerability assessment and risk-based remediation.