Cyber Security Engineer - Incident Response

About You – experience, education, skills, and accomplishments 

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field or equivalent relevant work experience
• 4+ years of relevant work experience

It would be great if you also have… 

• Strong understanding of cybersecurity principles, protocols, and technologies, both on-prem and in the major cloud provider environments. 
• Competency in using Endpoint Detection and Response (EDR) tools like CrowdStrike or Carbon Black to detect, investigate, and remediate endpoint threats. 
• Deep understanding of threat hunting and alert logic. A proven track record of alert tuning.  
• Strong forensic analysis skills, including the use of tools like EnCase or FTK to investigate security breaches, gather evidence, and perform root cause analysis. 
• Proven ability to lead complex incident response efforts, coordinating with cross-functional teams, conducting post-incident reviews, and improving response strategies
• Conducted in-depth analysis of security alerts and incidents to determine the root cause and impact. 
• Experience utilizing incident response plans, including containment, eradication, and recovery strategies. 
• Lead investigations into security breaches and incidents, documenting findings and recommendations for remediation. 
• Assist in the development and enforcement of security policies, procedures, and best practices. 
• A track record of collaborating with cross-functional teams to assess security risks associated with new projects and initiatives. 
• Experience providing guidance and mentorship to Level 1 Security Analysts, helping them enhance their skills and knowledge. 
• Experience in the creation and maintenance of playbooks and SOP’s. 
• Possession of higher-level certifications such as CISSP (Certified Information Systems Security Professional), OSCP (Offensive Security Certified Professional), or CISM (Certified Information Security Manager). 
• Strong forensic analysis skills, including the use of tools like EnCase or FTK to investigate security breaches, gather evidence, and perform root cause analysis. 

What will you be doing in this role?  

You will have an advanced role in safeguarding our organization's information systems.  Using foundational cybersecurity knowledge, responsible for playing a key part in identifying and mitigating complex security threats and vulnerabilities. You will work closely with senior analysts and management to contribute to the development and implementation of security policies, procedures, and controls to enhance our overall security posture. You will play a key role in the triaging of security incidents and assist more junior team members with escalations.