Senior Incident Response Engineer

About The Position

Requirements

• Possess advanced knowledge of security of cloud agnostic infrastructure.
• Have the ability to conduct forensic and incident response investigations.
• Understanding of incident response and risk mitigation workflow and planning.
• Able to participate in the analysis of security events for anomalous activity.
• Identification of emerging security threats.
• Able to develop and implement security improvement and remediation programs.
• Possess vulnerability assessment, exploitation techniques, malware reverse engineering, threat analysis, and security threat and incident reporting.
• Able to participate in the investigation and navigation in Cloud and Web-based environments.
• Possess any of the following Licensing/certification : CCFE, GCFE, CISSP, CISM, SANS, GIAC, ISACA, CSRIC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification

Responsibilities

• Helping improve the resilience and readiness of security protection and mitigation technologies and processes which ensure the confidentiality, integrity, and availability of the organization’s assets, information, data, and IT services in an efficient manner.
• Developing and execute security incident response plans, conduct cyber forensic investigations on physical endpoints and cloud platforms, independently lead the full life-cycle of incident response investigations of all reported security incidents.
• Developing comprehensive incident reports and investigation summaries.
• Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems.
• Analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
• Assisting with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.
• Leading analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.