Sr. Engineer, Cybersecurity - Threat Response

About The Position

Requirements

• Bachelor's Degree plus 5 years of related work experience OR Advanced degree with 3 years of related experience. Acceptable areas of study include Computer Science or Information Technology.
• 4-7 years experience with security related software and/or business process design.
• 4-7 years experience in technical project management and leading multi-functional solution design teams.
• 4-7 years experience in network information security, including firewall policy design, SSL certificate management, and vulnerability analysis and mitigation.
• Experience supporting cybersecurity operations, security investigations, or incident response activities.
• Experience with enterprise security technologies and security monitoring platforms.

Nice To Haves

• Experience serving as an Incident Commander, Incident Lead, or similar coordination role during major cybersecurity incidents or enterprise outages.
• Knowledge of telecommunications, carrier, service provider, or large-scale network environments, including core networking concepts, network protocols, and network security principles.
• Experience investigating network-based attacks, telecommunications infrastructure security events, or incidents involving enterprise and carrier-grade technologies.
• Experience conducting digital forensics investigations and knowledge of forensic tools such as Axiom, KAPE, EnCase, X-Ways, Cellebrite, or similar platforms.
• Experience with MITRE ATT&CK, Cyber Kill Chain, and NIST/SANS Incident Handling frameworks.
• Experience with SOAR platforms and security automation development.
• Knowledge of cloud security and enterprise-scale environments.
• Experience with SIEM, IDS/IPS, EDR, and security monitoring technologies.
• Solid understanding of network security, routing, switching, DNS, TCP/IP, telecommunications technologies, threat detection, and incident response methodologies.
• Strong knowledge of enterprise networking concepts, including TCP/IP, DNS, routing, switching, firewalls, network protocols, and network-based threat detection and response
• Knowledge of adversary tactics, techniques, and procedures (TTPs), threat-informed defense methodologies, and proactive investigation techniques
• Knowledge of scripting tools (Python, Perl, Shell, HTML, PHP)
• Strong analytical, troubleshooting, and problem-solving skills.
• Ability to communicate technical findings to both technical and non-technical audiences.
• Licenses and Certifications(preferred) CISSP, CISM, CRISC, CCSP, CCSK, CISA, GCIH, GCFA, GCFE, GNFA, GCIA, GREM, or similar certifications.

Responsibilities

• Conduct analysis of security alerts, incidents, and threat intelligence to identify potential risks and assess impact to systems and business operations.
• Lead and support cybersecurity incident response activities, including detection, investigation, containment, eradication, recovery, and post-incident review.
• Serve as Incident Commander during cybersecurity incidents, coordinating multi-functional response efforts, driving decision-making, managing communications, and ensuring timely resolution of security events.
• Conduct proactive investigations to identify emerging threats, validate security controls, and improve detection and response capabilities.
• Develop and implement response procedures and mitigation strategies to reduce organizational risk.
• Collaborate with internal technology teams and business partners to investigate security events and drive remediation efforts.
• Partner closely with network, cloud, infrastructure, and application teams to investigate security incidents impacting enterprise and telecommunications environments.
• Document incident findings, root cause analysis, response actions, and lessons learned in accordance with company policies and regulatory requirements.
• Communicate incident status, technical findings, and remediation recommendations to leadership and key collaborators.
• Contribute to continuous improvement of detection and response capabilities through process enhancements, tuning opportunities, automation, and knowledge sharing.
• Monitor evolving threat activity and apply industry standards to improve organizational resilience.
• Provide technical guidance and mentoring to peers and junior team members.
• Participate in cybersecurity initiatives and projects assigned by management.
• Participate in an on-call rotation to provide after-hours support for cybersecurity incident escalations originating from the Security Operations Center (SOC).

Benefits

• Competitive base salary and compensation package
• Annual stock grant
• Employee stock purchase plan
• 401(k)
• Free, year-round money coaches
• Medical insurance
• Dental insurance
• Vision insurance
• Flexible spending account
• Paid time off
• Up to 12 paid holidays
• Paid parental and family leave
• Family building benefits
• Back-up care
• Enhanced family support
• Childcare subsidy
• Tuition assistance
• College coaching
• Short-term disability
• Long-term disability
• Voluntary AD&D coverage
• Voluntary accident coverage
• Voluntary life insurance
• Voluntary disability insurance
• Voluntary long-term care insurance
• Mobile service & home internet discounts
• Pet insurance
• Access to commuter and transit programs