Senior Security Engineer, DFIR

About The Position

Requirements

• 5+ years of experience performing incident response, digital forensics, security investigations, or penetration testing spanning systems, networks, platforms, and services.
• Proven experience managing the full incident response lifecycle.
• Skilled at analyzing logs to detect anomalies, contain threats, and prioritize responses.
• Broad knowledge of security threats and depth in one or more verticals including networking, applications, operating systems, virtualization, etc.
• Experience with endpoint detection and response platforms.
• Experience with data platforms such as Splunk, Elastic, Databricks, and others.
• Experience with Cloud Environments including AWS, Azure, or GCP.
• Strong written and verbal communication skills.
• Ability to adjust and respond to rapidly shifting priorities.
• Coding/scripting experience in a modern language such as Python, Java, Go, Rust, or similar.

Nice To Haves

• BS/MS degree in Computer Science, Cybersecurity, or related field.
• Certifications such as GCFA, CASP+, SEC+, CISSP, OSCP, or similar is highly desired.
• Experience with MITRE attack framework.
• Experience in gaming, media, or similar industries.

Responsibilities

• Detect and respond to emergent security threats.
• Conduct investigations, identifying, preserving, and analyzing digital evidence.
• Hunt for threats, anomalies, and indicators of compromise.
• Support readiness, response, and recovery from security events.
• Process and leverage large data in support of security operations.
• Utilize tools, code and data to resolve sophisticated security challenges.
• Advise business, stakeholders and partners in security related matters.
• Track trends in the security community and stay on top of novel threats.
• Continuously refine threat response playbook based off the evolving threat landscape.