Job Description
The Next Level of Fire & Life Safety Leadership
With more than two centuries of combined history, brands like Kidde, Kidde Commercial, Edwards, GST, Badger, Gloria and Aritech have been leading the way in protecting people and property around the world. Now, we’re taking that leadership to the next level. Kidde Global Solutions brings together the most trusted and iconic brands in safety, building upon our shared experience and expertise to address the needs and challenges of more customers in more places. With an unmatched portfolio of solutions and services, and a commitment to constant innovation we’re elevating the standards for an entire industry – and establishing the next level of fire and life safety leadership.
At Kidde Global Solutions, you’re joining a global technology leader in fire and life safety solutions and our employees are the heart of it all. With industry-defining brands in life safety and security, you’ll be part of a legacy of leadership working with cutting-edge technologies that protect lives and property worldwide. As a leading fire safety brand, our mission is to provide solutions that protect people and property from the effects of fire and related hazards. We’re committed to expanding our impact and providing dynamic opportunities for growth within our team. You’ll be part of a company that prioritizes quality, integrity, collaboration, and customer care, with the resources, training, and incentives to ensure your success every step of the way.
The Cyber Security Analyst is a hands-on, senior technical role responsible for leading and executing cyber incident response activities across the enterprise. This role requires deep experience detecting, investigating, containing, eradicating, and recovering from security incidents, as well as operating and optimizing modern security platforms.
The ideal candidate has 5+ years of direct incident response experience, has led real-world cyber incidents end-to-end, and is comfortable operating in high-pressure environments while coordinating with SOC, IT, cloud, OT, identity, and business stakeholders. This role also plays a key part in SOC maturity, including alert quality improvement, metrics development, and playbook execution.
Key Responsibilities
Incident Response & Operations
• Lead and execute response activities for security incidents and cyber intrusions, including malware, ransomware, phishing, identity compromise, cloud security events, and OT-related incidents.
• Act as an incident commander or senior responder during high-severity incidents, coordinating response activities across SOC, IT, Infrastructure, Cloud, Identity, OT, and third-party providers.
• Perform advanced investigation and root cause analysis using EDR, SIEM, email security, vulnerability management, DNS, certificate, and network telemetry.
• Drive containment, eradication, and recovery actions, ensuring incidents are fully resolved and documented.
• Support post-incident reviews, lessons learned, and corrective action planning.
Security Tooling – Hands-On Expertise
• Operate and tune CrowdStrike EDR for threat detection, host containment, investigation, and remediation.
• Investigate email-based threats using Proofpoint Email Security Gateway, including phishing, BEC, malware, and impersonation attacks.
• Conduct threat detection and correlation within Sophos Taegis SIEM, leveraging alerts, telemetry, and custom detections.
• Utilize Tenable One Vulnerability Management to support incident investigations, exposure analysis, and remediation prioritization.
• Perform security testing and risk identification using:
◦ Tenable One Web Application Scanning
◦ Tenable One CNAPP (cloud posture and workload security)
◦ Tenable One OT Security
• Support certificate- and identity-related investigations involving PKI and DigiCert.
• Analyze DNS- and network-based threats using Infoblox BloxOne Security.
Playbooks, Process & SOC Maturity
• Develop, execute, and continuously improve incident response playbooks for common and high-risk attack scenarios.
• Ensure playbooks align with incident severity, escalation paths, and business impact.
• Improve SOC effectiveness by driving alert fidelity, response consistency, and automation opportunities.
Metrics & Continuous Improvement
• Define, implement, and maintain SOC and incident response metrics with a focus on:
◦ Reducing alert fatigue
◦ Improving Mean Time to Detect (MTTD)
◦ Improving Mean Time to Respond (MTTR)
• Analyze trends in alerts, incidents, and response performance to identify improvement opportunities.
• Present actionable metrics and insights to SOC leadership and security stakeholders.
Required Experience & Skills
• 5+ years of hands-on experience in Security Operations and Incident Response.
• Proven track record leading cyber incidents, not just assisting or escalating them.
• Strong hands-on experience with:
◦ CrowdStrike EDR
◦ Proofpoint Email Security Gateway
◦ Sophos Taegis SIEM
◦ Tenable One (Vulnerability Management, Web App Scanning, CNAPP, OT Security)
◦ PKI and DigiCert certificate services
◦ Infoblox BloxOne Security
• Strong understanding of attacker tactics, techniques, and procedures (TTPs), including malware, ransomware, phishing, credential abuse, and cloud attack paths.
• Ability to operate under pressure, prioritize effectively, and communicate clearly during incidents.
• Strong documentation and communication skills for incident reporting and executive-level summaries.
• English Advanced
Education (Preferred)
• Bachelor’s Degree in Computer Science, Information Security, or a related field
(or equivalent practical experience)
Certifications (Preferred or In Progress)
• CISSP
• CISM
• CEH
• Incident Response–focused certifications
• Microsoft Security certifications
World Leaders in Fire and Life Safety
Kidde Global Solutions is a world leader in fire & life safety solutions tailored for complex commercial facilities to homes. Through iconic, industry-defining brands including Kidde, Kidde Commercial, Edwards, GST, Badger, Gloria and Aritech, we provide residential and commercial customers with advanced solutions and services to protect people and property in a wide range of applications, all around the globe.
