Staff Cyber Incident Response Engineer

About The Position

Requirements

• 7+ years of proven experience in end-to-end incident response processes, including leading complex, multi-functional incidents.
• Strong investigative background with expertise in Windows analysis and forensics.
• Experience working in container environments such as Kubernetes and Docker.
• Hands-on experience with various Endpoint Detection and Response (EDR) solutions.
• Deep understanding of the internals and constructs of Linux, MacOS, and Windows operating systems.
• Extensive experience in administering, attacking, or defending cloud environments (AWS, Azure, GCP).
• Deep understanding of logs from cloud, network, and endpoint devices.
• Excellent skills in writing complex searches or analytics for popular Security Information and Event Management (SIEM) solutions.
• Proficiency in bash and at least one interpreted programming language (Python, Ruby, etc.).
• Strong ability to promote a collaborative working environment that enhances teamwork, predictability, clarity, and a culture of innovation.
• Ability to handle multiple tasks in a fast-paced environment effectively.
• Willingness to participate in an on-call rotation as required.

Responsibilities

• Lead and conduct comprehensive host forensics, network forensics, log analysis, and malware triage to support incident response investigations.
• Create and enhance scripts, tools, and methodologies to automate and improve our incident investigation processes.
• Provide leadership and mentorship to the incident response team, acting as a resource and guide for other team members.
• Partner with multiple internal and external organizations.
• Draft detailed reports, assign remediation actions, and implement improvements.
• Develop and present comprehensive reports, training sessions, and presentations for both technical and non-technical audiences.
• Participate in and help conduct tabletop exercises and incident simulations to ensure readiness.
• Collaborate with the Adobe Threat Hunting Team to conduct proactive and iterative hunts through cloud and enterprise networks, endpoints, and datasets to detect malicious or suspicious activities that have evaded existing detection tools.

Benefits

• Opportunities for professional growth and development through challenging projects and ongoing training.
• Work in a collaborative environment that values relationships and teamwork.
• Exceptional work environment that is recognized around the world.
• Ongoing feedback flows freely through a unique Check-In approach.
• Meaningful benefits.