Senior Security Engineer, Incident Response

POSITION SUMMARYThe Sr. Security Engineer is responsible for testing physical, logical, and electronic protection of data, including cloud, corporate, web application, access control, intrusion detection/prevention, virus protection, and more, as well as Digital Forensics, Software Development, Vulnerability Research, Reverse Engineering, Software/Hardware Engineering, and Operational Consultancy (e.g., Red Teaming/Hunt, Mission Evaluation) and performing incident response and working in the global security operations center. The Sr. Security Engineer will also assist with identifying current and emerging cyber events, along with developing countermeasures with known and/or discovered indicators.RESPONSIBILITIESResolve incidents and problem tickets issued against supported devices within published SLAsIdentify opportunities for process improvement and automation of repetitive tasks leveraging a SOAR platformOperate security operations technology (SIEM/EDR) and provide ongoing system support and advice to other users of this technologyDevise and implement approaches to monitor applications and data flows via effective information dashboards for operational metrics, end-to-end system data processing, incident management, change control, and complianceUse monitoring data in combination with other sources to analyze the risk of a successful attackProactively recommend new tools, techniques, and procedures to enhance SOC performance and quickly learn new tools as they are introducedActively search all areas of the internal network for hidden threats and vulnerabilitiesAssist in the development and documentation of policies and processesSupport audits and compliance effortsParticipate in red/blue/purple team exercises as needed to analyze threat scenarios and assess internal defenses. Document resultsEngage positively across multiple teams to establish clarity, vision, and mutual trust in order to achieve business goalsAdheres to industry-specific local, state, and federal regulations, as applicableOther duties as assignedQUALIFICATIONS3 + years of IT engineering experienceKnowledge of operating systems internals and endpoint security experienceGeneral knowledge of APT campaigns, Tools, Techniques, & Procedures (TTP), malware attack vectors, memory injection techniques and malware persistence mechanismsU.S. CitizenAbility to obtain and maintain a Top Secret clearanceDESIRED QUALIFICATIONSCertified Information Systems Security Professional (CISSP) certification 5+ years of cybersecurity incident response participation Active security clearance a plusQualificationsEqual Opportunity EmployerRace/Color/Sex/Sexual Orientation/Gender Identity/Disability/VetOriginally posted on Himalayas

Apply Now