Jobs · Education · Georgia

Principal, Cyber Security

Newell Brands · Atlanta, GA · 3 wk ago
HybridEducationFull-time

Job Summary

The Cyber Security Principal reports to the Senior Manager of Security Operations and serves as a senior technical leader within the Newell Brands information security program. This role is the primary Incident Commander for the Cyber Security Incident Response Plan (CSIRP) — owning end-to-end response coordination for high-severity and critical security incidents across Newell’s global environment.

Key Responsibilities

Incident Command & Response

- Serve as primary Incident Commander in accordance with the Newell Brands CSIRP, leading response activities across all CSIRT functional teams for high-severity and critical incidents. - Make and communicate time-sensitive decisions to contain incidents, prevent escalation and restore normal operations as quickly and efficiently as possible. - Coordinate response activities across Security Operations, IT, Legal, HR, Corporate Communications, Privacy and other cross-functional teams, ensuring alignment with CSIRP priorities. - Partner with the CISO to brief executive leadership, the Information Security Governance Committee, and other key stakeholders on incident status, business impact and response actions. - Determine when to activate external IR retainer resources, manage those vendor relationships throughout an engagement, and ensure evidentiary integrity. - Lead post-incident reviews and after-action analysis; document findings and drive implementation of corrective actions to reduce recurrence. - Maintain and continuously improve CSIRP documentation, incident runbooks and playbooks; conduct tabletop exercises and simulation drills at least annually.

Security Engineering & Control Improvement

- Develop and recommend security control improvements based on incident findings, threat intelligence and gap assessments across endpoint, network, identity and cloud environments. - Design, build and maintain detection engineering content — SIEM correlation rules, behavioral analytics and custom signatures — to improve fidelity and reduce mean time to detect. - Lead automation initiatives across Security Operations workflows including alert triage, enrichment, containment actions and case management integrations (SOAR/XSOAR or equivalent). - Evaluate emerging security technologies and make evidence-based recommendations for tooling investments that improve detection and response capabilities. - Collaborate with IT and infrastructure teams to validate that security controls are implemented correctly and test them through adversary simulation and purple team activities.

Security Operation

- Provide senior-level oversight and mentorship to SOC analysts, elevating investigation quality and analyst skill development across the team. - Support Threat and Vulnerability Management, monitoring and alerting functions, ensuring operational coverage and response readiness across global time zones. - Maintain an in-depth understanding of Newell Brands’ current and forward-looking threat profile relevant to a global consumer goods company. - Own the development and maintenance of KPIs and metrics that demonstrate measurable improvement in Security Operations maturity and risk reduction. - Develop and maintain trusted relationships with stakeholders across IT, Legal, HR, Privacy, Ethics and business unit leadership. - Regularly engage the information security community to identify emerging threats, intelligence and techniques that may impact Newell Brands.

Education

Bachelor’s degree in Information Security, Computer Science, Information Management Systems or a related field required.

Required Qualification

- 10+ years of experience in cyber security required, with a minimum of 5 years in a dedicated Incident Response or Security Operations role. - Demonstrated experience serving as an Incident Commander or leading response efforts for high-severity incidents (ransomware, data breach, nation-state intrusion or equivalent). - Proven experience managing cross-functional response teams under pressure, including coordination with Legal, Communications and executive stakeholders. - Experience managing and directing external IR retainer engagements and third-party forensic vendors. - Hands-on expertise with endpoint and network-based forensic investigation, malware analysis and log-based intrusion analysis. - Practical security engineering experience: SIEM detection content development, SOAR playbook authoring and security automation scripting (Python, PowerShell or equivalent). - Demonstrated ability to provide security control recommendations and architecture guidance across endpoint, network, cloud (Azure, M365) and identity environments. - Strong knowledge of network protocols, OS internals and application-layer vulnerabilities, along with corresponding risk mitigations. - Prior experience in a Fortune 500 or complex global enterprise environment preferred.

Preferred Qualifications

One or more of the following certifications or similar: - GIAC Certified Incident Handler (GCIH) - BTL2 (Security Blue Team Level 2) - OffSec Defense Analyst (OSDA) - Certified Information Systems Security Professional (CISSP)

Similar jobs