Software Engineer, DFIR

Tokio Marine HCC
$104,200 - $143,300 | Remote

About The Position

Join Vector3, an incident response firm supporting TMHCC Cyber and Professional Lines Group (CPLG), as a Software Engineer, DFIR. In this role, you will contribute to shaping our digital forensics and incident response practice for TMHCC-CPLG insureds. You will leverage your technical expertise to drive complex engineering initiatives that enhance the scale, speed, and precision of our investigations. This is an opportunity to join a talented team, solve challenging problems, build scalable solutions for evolving threats, and refine our consulting capabilities.

Requirements

  • Experience with CI/CD platforms and maintenance, such as GitHub Actions, ArgoCD, and FluxCD.
  • Experience with relational database administration, SQLAlchemy, SQLModel, and full stack application development.
  • Experience developing and running containerized services within AWS.
  • Programming experience in Bash, Python, PowerShell, or Go.
  • Experience with Rust, especially in developing command line tools or building Rust bindings for Python.
  • Experience with large-scale data ingest and data processing pipelines and related tooling: AWS Kinesis, Kafka, Apache Airflow, Vector, Cribl.
  • Experience with big data or machine learning categorization algorithms and Python libraries.
  • Experience with Kubernetes, EKS, KEDA, Karpenter, secure secret management within a Kubernetes cluster, Istio, AWS IRSA.
  • Experience with infrastructure as code projects such as: OpenTofu, Terraform, Crossplane, AWS Controller for Kubernetes (ACK).
  • Understanding of cloud platforms and security considerations within AWS (Amazon Web Services), Azure, Microsoft 365, and GCP (Google Cloud Platform).
  • Experience with EDR solutions (Defender, SentinelOne, CrowdStrike).
  • Strong understanding of legal and regulatory frameworks related to cyber security investigations such as PCI, NIST CSF, or other industry-specific regulations.
  • Excellent communication and presentation skills to clearly and concisely communicate complex technical concepts to stakeholders.
  • Superior organizational and analytical skills; demonstrated ability to manage multiple tasks simultaneously.
  • Minimum 4-year / bachelor’s degree in Cyber Security, Computer Science, Information Technology, or a related field, or relevant professional work experience.
  • 2 years in leading active cybersecurity engagements, developing security automation and/or SOAR capabilities in support of security incident response, digital forensics, malware analysis or threat intelligence.

Nice To Haves

  • Experience with Vue, JavaScript, TypeScript, or AG Grid is a plus.
  • Advanced degrees or certifications in security (CISSP, CISM, GCFE, GCFA, GREM, GBFA, GCIH, CFCE, CCE) or cloud engineering (AWS Certified Security, Azure Security Engineer, Google Professional Cloud Security Engineer, CCNA, MCSE) are a plus.

Responsibilities

  • Assign tasks, delegate responsibilities, and provide mentorship to team members.
  • Support development and maintenance of operating procedures and best practices for the engineering team.
  • Maintain positive, professional insured/carrier relationships.
  • Foster a culture of innovation, continuous learning, and skill development within the engineering team.
  • Understand insured needs and tailor strategies to address specific business risks and compliance requirements.
  • Communicate complex engineering concepts internally and externally.
  • Develop and maintain engineering automation in support of incident response plans aligned with industry best practices.
  • Stay informed about emerging engineering technologies and industry best practices.
  • Understand and be aware of digital forensics methodologies for evidence collection, analysis, and reporting.
  • Provide expert technical guidance on engineering methodologies, automation techniques, software development, and recovery techniques.
  • Occasionally support complex digital forensic investigations, including analysis of system logs, network traffic, and endpoint data.
  • Follow work plans, established timelines, and predefined goals for assigned work.
  • Meet commitments on deadlines.
  • Communicate activities, results, and observations with employees and management as appropriate.
  • Identify areas for improvement in existing business practices.
  • Perform work thoroughly in a cost-efficient manner and at a high productivity level.
  • Comply with all corporate policies and procedures.
  • Report any breakdowns in controls to management.
  • Conduct all activities in a safe manner.

Benefits

  • Subsidized medical, prescription, dental, vision and basic life and disability insurance
  • Employee assistance program
  • Paid parental leave
  • 401(k) plan with Company matching contributions
  • Educational/loan assistance
  • At least 20 days of PTO, prorated for the current year based on date of hire, and/or paid sick leave.
  • Approximately 11 paid holidays, one paid volunteer day, and two paid floating holidays.