Adv-Cyber Incident Response

POSITION OVERVIEW:

Responsible for working with leadership to create and maintain incident response playbooks, provide recommendations during the security architecture review process for new applications, and work with security engineering teams to ensure full coverage of security tools and response capabilities.

ESSENTIAL JOB DUTIES/RESPONSIBILITIES:
1. Respond to information security incidents that are escalated to the Incident Response team for Teir 3 and Teir 4.
2. Responsible for all phases of incident response for assigned incidents.
3. Ensure timely containment, recovery, and communication with key stakeholders while keeping business units informed throughout the incident lifecycle.
4. Advise on the development, implementation, and operation of incident response systems and processes to ensure effective threat detection, containment, and remediation.
5. Conduct post-incident technical investigations to understand root-cause analysis.
6. Facilitate workshops, presentations, and stakeholder discussions to drive shared understanding.
7. Ensure lessons learned translate into improved defenses and remediation plans
8. Plan and execute red/purple team exercises, tabletop simulations, and other readiness activities.
9. Develop and maintain incident response playbooks, escalation protocols, cross-team coordination, User and Entity Behavior Analytics (UEBA) program, and model alert correlation processes.
10. Foster collaboration with remote teams to ensure consistent incident response and security operations.
11. Comply with all applicable laws/regulations, as well as company policies/procedures.
12. Perform other duties as assigned.

Disclaimer: This job description is general in nature and is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.

Pay Transparency:

The compensation listed reflects the pay range or rate of pay reasonably expected for this posted position at the posted location(s). If this opportunity includes multiple job levels, the pay information represents the minimum and maximum range for all levels. Actual pay is determined by job-related factors permitted by law and relevant to the position, such as experience, tenure, market level, pay at the location for this job, performance, schedule, and work assignment. Eligible employees offered health, vision, and dental insurance, employee assistance program, personal/sick paid time, 401(k) retirement savings plan, bonus potential, tuition reimbursement, adoption assistance, 2 weeks paid parental leave, paid bereavement, employee discounts, 6.67-13.34 hours vacation per month based on service time, 8 paid holidays.

Pay Range: $93,851.00 - $180,195.00 per year

Colorado Pay Ranges: Colorado Springs, Grand Junction $100,421 - $160,674; Henderson, Mead $106,052 - $169,683; Gypsum $112,622 - $180,195

Illinois Pay Ranges: Effingham, Kankakee, Lincoln, Quincy, Rockford, Aurora $100,421 - $160,674; Bolingbrook, Chicago Heights, Des Plaines, Elmhurst, Forest View, Joliet, Schaumburg, Summit-Argo, Zion, Buffalo $112,622 - $180,195

New York Pay Ranges: Plattsburgh, Buffalo, Watertown, North Chili, East Syracuse, Nichols $100,421 - $160,674; Bethpage, Montgomery, West Babylon $112,622 - $180,195

New Jersey Job Postings:

This compensation range is a reasonable estimate of the current starting pay range in NJ. If this opportunity includes multiple job levels, the range is a reasonable estimate of the current starting salary for the lowest level to the current starting salary of the highest level. Actual starting pay is determined by experience relative to the job, market level, specific location and other job-related factors permitted by law. Regular full & part-time employees (who complete 91 days of employment and work a minimum average of 12 hours per week) are eligible to enroll in medical, dental, and/or vision coverage, tuition reimbursement. Full/part-time employees who are age 21 are eligible for 401(k) after one month of employment.

QUALIFICATIONS:
* Bachelor's degree in business, computer science, information systems, or related field; equivalent formal training.
* Five (5) years of experience in information technology, cyber security, or incident response.
* Familiarity with cyber incident response processes, including detection, analysis, containment, eradication, and recovery
* Experience with automation (Powershell, Python, APIs, etc.) for Incident Response activities
* Strong working knowledge of SIEM, EDR, Identity and Cloud protection tools
* Excellent analytical and problem-solving skills with SIEM data analytics for effective incident investigation of root cause
* Excellent communication skills for clear reporting and collaboration with technical teams and executives
JOB CONDITIONS:

* Some travel required

Preferred Qualifications:

Pay Transparency: Posting Date: 02/12/26. Will remain posted 60 days (unless filled/cancelled sooner). Current FedEx employees apply at enterprisecareers.fedex.com. Others apply at careers.fedex.com.

Pay:

Additional Details: This position can be domiciled at any FedEx Freight location within the continental US. You will be required to work at a FedEx Freight location several times per week.

FedEx Freight is an Equal Opportunity Employer, including disabled and veterans.

• Know Your Rights
• Pay Transparency

If you have a disability and you need assistance in order to apply for a position with FedEx Freight, please call 800-888-8252 or e-mail at ADAAssistance@freight.fedex.com.

FedEx Freight will not discharge or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.