Security Engineer | Incident Response
The role of the Security Incident Response Engineer is to provide specialized technical expertise in managing the firm's incident response processes and activities. This professional will play a crucial role in identifying, analyzing, and responding to potential threats to safeguard the firm's security.
This is a hybrid role based in Tampa or Chicago.
Responsibilities:
- Utilize security expertise in incident response to safeguard the firm from information security threats and mitigate their impact
- Contribute digital forensics expertise with an excellent understanding of current and emerging threats
- Adopt a dual perspective, thinking both like an attacker and a defender, to effectively navigate incidents or events to resolution
- Collaborate with cross-functional teams to ensure a comprehensive response to security incidents
Skills and Experience:
- Bachelor's degree in Computer Science or equivalent practical experience
- Certifications such as CISSP, OSCP, CEH, or SANS GCFE, GCFA, GNFA, GCTI, GREM, IH
- Extensive experience in security incident response within an enterprise environment
- Strong proficiency in Windows systems forensics, diagnostics, and image acquisition strategies
- Assess and evaluate emerging vulnerabilities in the cyber threat landscape
- Leadership experience in Computer Security Incident Response Team (CSIRT) activities throughout the incident lifecycle
- Solid understanding of TCP/IP protocols, with experience in Wireshark and packet analysis tools
- Excellent knowledge of application security controls and penetration testing methodologies
- Proficient in scripting, preferably in Python or a similar language
- Experience in risk analysis and reporting at the executive level
- Design and implement incident response policies and procedures
- Extensive experience with Security Information and Event Management (SIEM) and log analytics
- Knowledge of Security Orchestration, Automation, and Response (SOAR) for incident response automation and remediation
- Working knowledge of cloud security technologies, standards, and controls
- Exceptional analytical skills, including the ability to gather and analyze facts, formulate objective conclusions, define problems, and propose effective solutions
- Adaptability to integrate and modify existing programs or vendor-supplied package programs for use with existing information systems
- Proficient in oral and written English
- Ability to work productively and maintain focus without direct supervision