This Job Vacancy has Expired!

Lead Incident Response Security Engineer

Request Technology - Craig Johnson

Posted on Sep 1, 2021 by Request Technology - Craig Johnson

Virginia, VA
Immediate Start
$140k - $170k Annual

*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Enterprise Company is currently seeking a Lead Incident Response Security Engineer. Candidate will coordinate response, triage and escalation of security incidents.


  • Be responsible for understanding the threat landscape by working with other Cyber functions such as Threat detection, Threat Intelligence, Digital Forensics etc. and in building & executing required action plan
  • Act as a role model and provide tactical support to your peers and other security analyst teammates, who deliver Cybersecurity's scaled threat response, assessment and response efforts, including mentoring & train other team members
  • Routinely participate in the review of new SIEM use cases, develop & update incident response playbooks to ensure response activities align with best practices
  • Lead technical activities, oversee tactical delivery of improvements to Cybersecurity's Incident Response processes
  • Support development of SOPs, Resiliency plans, and other necessary documentation to support Security Operations
  • Augment Incident response team to ensure 24/7 coverage and operations.

  • Responsibilities sometimes will require working evenings and weekends, sometimes with little or no advanced notice
  • Provide thought leadership and guidance on intelligence/analytics research to build capabilities to provide automated and proactive detection and response to threats
  • Routinely brief and update senior leadership and other stakeholders on the active incidents and manage expectations
  • Build and leverage effective relationships across within Information Security with functions such as Threat Intel, Forensics, Threat Detection as well as external teams in various lines-of-business, ensuring clear lines of communication and a comprehensive approach to security


  • 8+ years of Information Security experience
  • Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 3-5+ years of Hands on Information Security SOC/Incident Response experience with analysing IOCs/Alerts as identified by SOC & Threat Intel teams
  • Proven experience in handling security events in mission critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations etc.
  • Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
  • Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Demonstrated experience with utilizing SIEM such as Splunk (preferred), ArcSight, QRadar, etc. in investigating security issues and/or complex operational issues on Windows and Unix
  • Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)
  • GCIH IA and Splunk Certified Professional will be preferred

Reference: 1305505860

Set up alerts to get notified of new vacancies.