Description

Job Description:

  • Own security incidents from a technical perspective: respond to security incidents, including major ones, perform forensics, and carry out data gathering and communications tasks as required.
  • Analyze network traffic to identify malicious activity or compromised systems and prevent successful attacks.
  • Investigate data breaches and malicious activity using forensics tools; analyze Windows and Linux systems in cloud environments to identify Indicators of Compromise (IOCs) and Indicators of Attack (IOAs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
  • Work closely with engineering teams to continuously provide technology requirements and use cases for enabling technologies including but not limited to SIEM, SOAR, Case Management, EDR, Intrusion Detection Systems, HIPS, Web Proxy/Content Filtering, Active Directory, and any other tools needed
  • Lead, build, and maintain DFIR runbooks and response procedures
  • Mentor and lead Incident Responders from a technical perspective
  • Technical Cloud IR and Cloud forensics SME
  • Drive Security Incident Lessons Learned back into the business
  • You will build and advance our Security Incident Response program through implementation of incident management best practices
  • You will serve as an escalation point for complex security incidents and act as an incident manager to coordinate response efforts across multiple teams and timezones
  • You’ll work across various security teams to influence our signal collection, prevention and detection strategies
  • Building strong relationships with the other technical teams across our engineering and infrastructure functions
  • Responsible for the continuous maturity of Incident Response processes and the management of a globally distributed Incident Response team.
  • Perform root cause analysis and guide junior analysts in recommending security improvements that prevent a recurrence of incidents or events seen in the past. Ensure peer review happens as much as possible.
  • Own process and procedure documentation and ensure it stays current.
  • Develop and conduct tabletop exercises.

Key Skills
Education

Any Graduate