Sr Mgr, Incident Response & Exposure Management

About Carrier

Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. For more information, visit corporate.carrier.com or follow Carrier on social media at @Carrier.

Job Summary:

Carrier’s Cybersecurity team is seeking a highly skilled and experienced Sr.Mgr., Incident Response & Exposure Managementto lead advanced threat detection, incident response, exposure management, forensic investigations, and proactive threat hunting activities. This role requires deep technical expertise in incident response, digital forensics, network protocol analysis, threat intelligence, and enterprise attack surface management.

As a senior member of our growing Cybersecurity Operations team, you will play a critical role in identifying, tracking, and understanding threats to the organization. You’ll support complex incident response investigations, analyze endpoint and network telemetry, proactively hunt for adversaries, and help reduce organizational risk by managing and minimizing the attack surface.

This is a unique opportunity to join a rapidly expanding cybersecurity team where your expertise will directly influence the development of foundational processes and outcomes. You’ll work on high-impact investigations, collaborate with top-tier professionals, and help shape the future of Carrier’s threat detection, response, and exposure management capabilities in a global enterprise environment.

Key Responsibilities

• Lead and execute advanced incident response investigations, including endpoint and network forensics, malware analysis, and root cause determination.

• Conduct proactive threat hunting using behavioral analytics, threat intelligence, and anomaly detection across enterprise systems.

• Perform deep packet inspection and protocol analysis to identify malicious activity and lateral movement.

• Analyze and correlate data from multiple sources (EDR, SIEM, threat intel, etc.) to detect and respond to sophisticated threats.

• Identify and assess external and internal attack surface exposures, including misconfigurations, shadow IT, and vulnerable assets.

• Collaborate with exposure vulnerability management teams to prioritize and remediate high-risk findings based on threat intelligence and exploitability.

• Support and mentor junior analysts during investigations and threat hunting engagements.

• Develop and maintain incident response playbooks, forensic procedures, and detection logic.

• Interface with legal, compliance, and business stakeholders during incident response activities and post-incident reviews.

• Maintain awareness of emerging threats, vulnerabilities, and adversary tactics, techniques, and procedures (TTPs).

Basic Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or Information Technology.

• 10+ years of experience in cybersecurity operations, with a focus on incident response, digital forensics, threat hunting, Red Team, orexposure management.

Preferred Qualifications

• Industry certifications such as GCFA, GNFA, GREM, OSCP, or similar.

• Experience with tools such as SIEM, Wireshark, Magnet, EnCase, CrowdStrike, Qualys, and Attack Surface Management platforms.

• Experience with scripting or automation (e.g., BASH, Python, PowerShell) to support investigations and data analysis.

• Familiarity with cloud environments (AWS, Azure) and associated security tooling.

• Experience supporting legal or regulatory investigations, including evidence handling and chain of custody.

• Demonstrated experience in:

  • SIEM and log analysis

  • Endpoint and network forensics

  • Protocol analysis (e.g., TCP/IP, HTTP/S, DNS, SMB)

  • Target Digital Network Analyst (TDNA) or Digital Network Exploitation Analyst (DNEA)

  • Attack surface discovery and reduction

  • Vulnerability assessment and risk-based remediation

  #LI-Onsite

RSRCAR