**Country:** United States of America **Location:** CAF77: CCS - CIB, 13995 Pasteur Boulevard, Palm Beach Gardens, FL, 33418 USA **About Carrier** Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. For more information, visit corporate.carrier.com (https://c212.net/c/link/?t=0&l=en&o=3847430-1&h=139563088&u=https%3A%2F%2Fwww.corporate.carrier.com%2F&a=corporate.carrier.com) or follow Carrier on social media at @Carrier (https://c212.net/c/link/?t=0&l=en&o=3847430-1&h=4009942256&u=https%3A%2F%2Ftwitter.com%2Fcarrier&a=%40Carrier) . **Job Summary:** Carrier’s Cybersecurity team is seeking a highly skilled and experienced Sr. Mgr., Incident Response & Exposure Management to lead advanced threat detection, incident response, exposure management, forensic investigations, and proactive threat hunting activities. This role requires deep technical expertise in incident response, digital forensics, network protocol analysis, threat intelligence, and enterprise attack surface management. As a senior member of our growing Cybersecurity Operations team, you will play a critical role in identifying, tracking, and understanding threats to the organization. You’ll support complex incident response investigations, analyze endpoint and network telemetry, proactively hunt for adversaries, and help reduce organizational risk by managing and minimizing the attack surface. This is a unique opportunity to join a rapidly expanding cybersecurity team where your expertise will directly influence the development of foundational processes and outcomes. You’ll work on high-impact investigations, collaborate with top-tier professionals, and help shape the future of Carrier’s threat detection, response, and exposure management capabilities in a global enterprise environment. **Key Responsibilities** + Lead and execute advanced incident response investigations, including endpoint and network forensics, malware analysis, and root cause determination. + Conduct proactive threat hunting using behavioral analytics, threat intelligence, and anomaly detection across enterprise systems. + Perform deep packet inspection and protocol analysis to identify malicious activity and lateral movement. + Analyze and correlate data from multiple sources (EDR, SIEM, threat intel, etc.) to detect and respond to sophisticated threats. + Identify and assess external and internal attack surface exposures, including misconfigurations, shadow IT, and vulnerable assets. + Collaborate with exposure vulnerability management teams to prioritize and remediate high-risk findings based on threat intelligence and exploitability. + Support and mentor junior analysts during investigations and threat hunting engagements. + Develop and maintain incident response playbooks, forensic procedures, and detection logic. + Interface with legal, compliance, and business stakeholders during incident response activities and post-incident reviews. + Maintain awareness of emerging threats, vulnerabilities, and adversary tactics, techniques, and procedures (TTPs). **Basic Qualifications** + Bachelor’s degree in Computer Science, Cybersecurity, or Information Technology. + 10+ years of experience in cybersecurity operations, with a focus on incident response, digital forensics, threat hunting, Red Team, orexposure management. **Preferred Qualifications** + Industry certifications such as GCFA, GNFA, GREM, OSCP, or similar. + Experience with tools such as SIEM, Wireshark, Magnet, EnCase, CrowdStrike, Qualys, and Attack Surface Management platforms. + Experience with scripting or automation (e.g., BASH, Python, PowerShell) to support investigations and data analysis. + Familiarity with cloud environments (AWS, Azure) and associated security tooling. + Experience supporting legal or regulatory investigations, including evidence handling and chain of custody. + Demonstrated experience in: + SIEM and log analysis + Endpoint and network forensics + Protocol analysis (e.g., TCP/IP, HTTP/S, DNS, SMB) + Target Digital Network Analyst (TDNA) or Digital Network Exploitation Analyst (DNEA) + Attack surface discovery and reduction + Vulnerability assessment and risk-based remediation\#LI-Onsite RSRCAR **_Carrier is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. Carrier provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act._** **Job Applicant's Privacy Notice:** Click on this link (https://www.corporate.carrier.com/legal/privacy-notice-job-applicant/) to read the Job Applicant's Privacy Notice