Security Engineer / Incident Response

Overview

On Site
120k - 165k
Full Time

Skills

Policies and procedures
Incident management
Information security
Digital forensics
Computer science
IT security
TCP/IP
Packet analysis
Software security
Penetration testing
Risk analysis
Event management
Cloud security
Analytical skill
Information systems
Management
Collaboration
CISSP
OSCP
Certified Ethical Hacker
SANS
GCFA
Microsoft Windows
Forensics
Acquisition
Leadership
CSIRT
Wireshark
Scripting
Python
Reporting
Design
SIEM
Analytics
Orchestration
Automation
Adaptability
English
FOCUS
Supervision

Job Details

The role of the Security Incident Response Engineer is to provide specialized technical expertise in managing the firm's incident response processes and activities. This professional will play a crucial role in identifying, analyzing, and responding to potential threats to safeguard the firm's security.

This is a hybrid role based in Tampa or Chicago.

Responsibilities:
  • Utilize security expertise in incident response to safeguard the firm from information security threats and mitigate them
  • Contribute digital forensics expertise with an excellent understanding of current and emerging threats
  • Adopt a dual perspective, thinking both like an attacker and a defender, to effectively navigate incidents or events to resolution
  • Collaborate with cross-functional teams to ensure a comprehensive response to security incidents

Skills and Experience:
  • Bachelor's degree in Computer Science or equivalent practical experience
  • Certifications such as CISSP, OSCP, CEH, or SANS GCFE, GCFA, GNFA, GCTI, GREM, IH
  • Extensive experience in security incident response within an enterprise environment
  • Strong proficiency in Windows systems forensics, diagnostics, and image acquisition strategies
  • Assess and evaluate emerging vulnerabilities in the cyber threat landscape
  • Leadership experience in Computer Security Incident Response Team (CSIRT) activities throughout the incident lifecycle
  • Solid understanding of TCP/IP protocols, with experience in Wireshark and packet analysis tools
  • Excellent knowledge of application security controls and penetration testing methodologies
  • Proficient in scripting, preferably in Python or a similar language
  • Experience in risk analysis and reporting at the executive level
  • Design and implement incident response policies and procedures
  • Extensive experience with Security Information and Event Management (SIEM) and log analytics
  • Knowledge of Security Orchestration, Automation, and Response (SOAR) for incident response automation and remediation
  • Working knowledge of cloud security technologies, standards, and controls
  • Exceptional analytical skills, including the ability to gather and analyze facts, formulate objective conclusions, define problems, and propose effective solutions
  • Adaptability to integrate and modify existing programs or vendor-supplied package programs for use with existing information systems
  • Proficient in oral and written English
  • Ability to work productively and maintain focus without direct supervision

About Motion Recruitment Partners, LLC