
Information Security Analyst II
CSG
full-time
Location Type: Remote
Location: United States
Salary
💰 $67,645 - $108,230 per year
About the role
- Monitor, respond to, and work to resolution alerts from security tools such as endpoint detection and response (EDR), email security, firewall, security information and event management (SIEM), IPS/IDS, Application Firewall, malware, change detection (FIM), user behavioral analytics, rogue wireless network alerts, and security system health monitoring.
- Participate in the organization's incident response plan and perform incident reporting on an as-needed basis.
- Experience in incident response, to include evidence collection and preservation, timelining activities, and conducting technical interviews.
- Experience with automated workflow tools and strong analytical and problem-solving skills; Python experience a plus.
- Collaborate with team members and assist in developing and implementing SOC IR strategies, along with refining and testing incident response playbooks and procedures.
- Coordinate with internal and external stakeholders during incidents.
- Stay updated on emerging cybersecurity threats and trends.
- Perform security engineering tasks as required to include alert tuning, system maintenance, determining and capturing key information feeds, etc.
- Participate in and fulfill requests from audit, compliance, and regulatory functions, including but not limited to Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing.
- Must be able to work outside normal business hours when needed in order to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted.
- This position requires domestic and/or international travel of up to 5%.
Requirements
- A bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience
- 2+ years of experience working extensively within security or highly technical IT fields
- Experience with various functions within the entire incident response life cycle including security system engineering, alert monitoring, triage, incident analysis (host and network forensics, malware analysis, etc.) and incident management
- Experience working with information security technologies, such as IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, SPAM prevention, web content filtering, IdM/IAM, encryption and encryption key management, DLP, change detection, and vulnerability scanners
- Knowledge of TCP/IP: must be able to demonstrate technical understanding of all layers of the TCP/IP stack, including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, DNS, etc.; must be able to read and understand a packet trace; must be able to read and interpret network access control lists
- A clear understanding of a variety of network and application attacks: examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and evasive methods attackers use to avoid detection; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits
- Working knowledge of IT security, compliance, and regulatory requirements, such as Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), and state and Federal privacy laws
- Ability to read, write, speak and understand the English language in a business environment.
Benefits
- Work from Home
- Employee Belonging Groups
- Healthcare: Dental, Medical, and Vision
- Paid Vacation, Volunteer, and Holiday Time Off
- And so much more!
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Python, incident response, evidence collection, timelining activities, host forensics, network forensics, malware analysis, alert monitoring, incident management, security system engineering
Soft Skills
analytical skills, problem-solving skills, collaboration, communication, stakeholder coordination
Certifications
bachelor's degree in computer science, bachelor's degree in Information Security, equivalent experience