Security Incident Response

About The Position

Requirements

• 3 - 5+ years experience with Endpoint Detection and Response (EDR/XDR) and/or DFIR open-source tools.
• 3 - 5+ years of information security experience in security operations, incident analysis, incident handling, and vulnerability management.
• 4 Year/Bachelor's degree or equivalent work experience.

Nice To Haves

• Experience with security monitoring tools and incident response processes.
• Familiarity with various operating systems and their security features.

Responsibilities

• Monitor the alert queue and investigate security alerts.
• Document incidents from initial detection through final resolution.
• Perform incident response functions including host-based analysis on Windows, Linux, and Mac OS X systems.
• Maintain expertise in Operating Systems operations and artifacts to assist in investigations.
• Analyze different data types from various sources to draw conclusions regarding security incidents.
• Provide after-hours support as required for critical incidents.
• Conduct threat hunting exercises to discover current or historical threats.
• Create and modify SIEM dashboards to monitor activity and findings.
• Tune and maintain security tool policies to reduce false positives.

Benefits

• Clearly defined career framework
• Leadership development and virtual training opportunities
• PTO/parental leave
• Competitive 401K and employee benefits
• Free financial counseling and health coaching
• Tuition assistance program
• Remote work environment and flexible work situations
• Effective productivity/technology tools and training