Sr. Security Incident Responder

Full Time
Austin, TX
Areas of Interest: Digital Forensics, Incident Response
The Digital Forensics and Incident Response (DFIR) organization responds to cyber security and privacy incidents across Express Scripts (ESI) business units. The ideal candidate will have excellent analytical and problem-solving skills, strong communication skills (written and verbal), and a competent technical skill set. This position will be responsible for providing operational support for Information Systems threats, managing security incidents, managing threat intelligence, and handling SOC-related service requests. 

  • Own and provide tiered technical resolution for security incidents and SOC service requests with an emphasis on Tier 2 and greater
  • Log and record all identified or reported security incidents and service requests into DFIR ticketing system, and appropriately classify and prioritize based on DFIR SOPs and playbooks.
  • Identify gaps and recommend improvements to enterprise technology environment across all platforms, with a goal to enhance the overall security posture of ESI.
  • Possess and maintain adequate level of technical and analytical skills, to handle security incidents and threats that have the
  • Provide timely, reliable and courteous service to all customers
  • Work hand-in-hand with the Security Operations Center (SOC) and all relevant stakeholders to identify, remediate and bring closure to all potential security related threats
  • Stay abreast of latest vulnerabilities, exploits and other relevant threat-related information
  • Take appropriate steps to demonstrate effective level of controls are in place to protect sensitive/confidential information within the customer environment (and to ensure compliance with PCI-DSS).
  • Report common and repeat problems (trend analysis) to management and propose process and technical improvements.
  • Perform other duties as assigned
  • Participate in an on-call rotation
Technical Requirements
  • Experience using open source incident response and analysis tools such as Volatility, Redline, bulk_extractor, Highlighter, etc.
  • Experience utilizing the Cyber Kill Chain.
  • Experience using Encase and eDiscovery and digital forensics methodologies.
  • Experience in a formalized cyber threat intelligence program.
  • Experience doing static and dynamic malware analysis.
  • Ability to fully utilize MS Office products required.
  • Ability to generate incident timelines, and perform memory and disk acquisition and analysis
  • Experience with one or more scripting languages such as Perl, Python, Bash and PowerShell highly desired.
  • Experience working with interpreting, tuning, searching and manipulating data within enterprise logging/SIEM solutions.
  • Exceptional understanding of the cyber threat landscape, attack surfaces, and threats associated with each
Security and/or Networking familiarity or understanding preferred in any of the following:
  • Basic routing principles and networking fundamentals
  • Well-known protocols and services (FTP, HTTP, SSH, SMB, LDAP)
  • Command line interfaces
  • Packet Analysis Tools (TCPDUMP, Wireshark, etc)
  • Keen ability to diagnose and troubleshoot technical issues, excellent problem solving skills
  • Bachelor’s degree and at least 5 years experience or at least 11 years experience without degree
  • Minimum 5 years of general Information Security experience required.
  • Minimum 3 years working as a Security Incident Response professional required.
  • Minimum 5 years of experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity preferred.
  • Ability to work both independently and as part of a team with little supervision
  • Excellent written and verbal communication skills required. Must be able to communicate technical details in a clear, understandable manner.
  • Customer-oriented focus required, with a strong interest in a satisfied client
  • Solid understanding of Information Security required
  • The ability to pick new technology or concepts up very quickly required
  • Outstanding time management and organizational skills required


This expansive group is accountable for planning, building and driving core technology solutions and services across virtually every aspect of the business, including Infrastructure, Engineering, Operations, Architecture, Pharmacy Technology, Home Delivery, Specialty and IT Service Management. The following teams help comprise this ever-important group:
  • IT Architecture & Innovation defines and drives the company’s architecture strategy.
  • IT Engineering manages all engineering activities associated with the company’s architecture and attendant technology.
  • IT Operations manages all the technology that supports the company’s operational functions.

Advance your career with the company that makes it easier for people to choose better health. Express Scripts is a leading healthcare company serving tens of millions of consumers. We are looking for individuals who are passionate, creative and committed to creating systems and service solutions that promote better health outcomes. Join the company that Fortune magazine ranked as one of the 'Most Admired Companies' in the pharmacy category. Then, use your intelligence, creativity, integrity and hard work to help us enhance our products and services. We offer a highly competitive base salary and a comprehensive benefits program, including medical, prescription drug, dental, vision, 401(k) with company match, life insurance, paid time off, tuition assistance and an employee stock purchase plan.

Express Scripts is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. Applicants must be able to pass a drug test and background investigation. Express Scripts is a VEVRAA Federal Contractor.


Express Scripts

Careers with Purpose Join our collaborative team at Express Scripts
Express Scripts manages prescriptions for 100 million Americans. On behalf of our clients – employers, health plans, unions and government health programs – we make the use of prescription drugs safer and more affordable. Express Scripts' unique platform, Health Decision Science, combines three capabilities – behavioral science, clinical specialization and actionable data – to help individuals make the best drug choices, pharmacy choices and health choices. Better decisions mean healthier outcomes.

Express Scripts provides integrated pharmacy benefit management services, including network-pharmacy claims processing, home delivery, specialty benefit management, benefit-design consultation, drug utilization review, formulary management, and medical and drug data analysis services. The company also distributes a full range of biopharmaceutical products and provides cost-management and patient-care services. To learn more about how Express Scripts applies Health Decision Science to enable better decisions for healthier outcomes, visit or follow @ExpressScripts on Twitter.

Subsidiaries and Brands
  • Express Scripts Canada – provider of health benefit management (HBM) services to 7 million Canadians
  • Freedom Fertility Pharmacy – specializing in delivery of infertility medication
  • Accredo® – specialty pharmacy and services through Therapeutic Resource Centers™
  • United BioSource Corporation® – partners with life science companies to develop and commercialize products
Company Industry: Hospital & Health Care
Company Type: Public Company
Company Size: 5,001-10,000