This Job Vacancy has Expired!

Senior Incident Response Engineer(virtual remote home office)

Posted on Sep 17, 2021 by Humana

Phoenix, AZ 85067
Engineering
Immediate Start
Annual Salary
Full-Time

*Description* The Senior Incident Response Engineer will be part of a dynamic, growing team, hunting for and responding to cyber incidents stemming from internal and external threat actors. The Senior Incident Response Engineer shall provide Tier 3 services, which is coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for cyber incidents..*Responsibilities* Do you want to be a part of a team of security engineers investigating computer crimes and breaches? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises whether in the data center or in a multi-cloud environment? Humana is looking for a Senior Incident Response Engineer that has a winning combination of hands-on technical skills, strong knowledge of NIST Kill Chain and MITRE ATT&CK, and an understanding of the evolving threat landscape. Responsibilities: + Participate in security events and incidents, with a focus on incident response and forensics in accordance with our incident response plan. + Perform detection, analysis, and containment of an incident in both on premises and cloud. + Determines and identifies severity and impact and assigns appropriate priorities to all events and incidents + As a member of the core incident response team, coordinates with Privacy, Compliance Investigations, Corporate Security, and others as warranted + Utilize Humana acquired technologies to conduct large-scale investigations and examine host and network-based sources of evidence. + Analyze message headers and identify actionable indicators for remediation. + Analyze logs from SIEMs using SPLUNK or SENTINEL, and other sources and be able to identify unauthorized activity. + Perform traffic and port scan during an incident investigation. + Use security tools including IDS, IPS, firewalls, proxies, Web Application Firewall (WAF), etc., to triage events that may lead to incidents. + Collaborate with forensic analysts and other analysts, law enforcement officers, and legal experts to recommend methods and procedures for recovery, preservation, and presentation of computer evidence. + Proficiency analyzing high volumes of logs, network data (eg NetFlow, Full Packet Capture), and other event/incident artifacts using SPLUNK or SENTINEL in support of incident investigations. + Ability to act as the incident quarterback and/or lead investigator. + Assists with post-incident activities + Recommend and document specific counter-measures and mitigating controls. + Develop comprehensive and accurate reports and presentations for both technical and executive audiences + Improve Humana's business processes and incident response methodologies. + Regularly interacts with leadership and customers.*Required Qualifications* + Bachelor's or Master's degree in a technical field + Minimum 5 years of information security experience + Possess one cybersecurity certification, such as: + GIAC Certified Incident Handler (GCIH) + GIAC Certified Enterprise Defender (GCED) + GIAC Certified Forensic Analyst (GCFA) + Technical expertise in at least three of the following areas: + Windows disk and memory forensics + Cloud Operations and Engineering + Network Security Monitoring (NSM), network traffic analysis, and log analysis + Unix or Linux disk and memory forensics + Static and dynamic malware analysis + NIST Kill Chain + MITRE ATT&CK + Applied knowledge in at least one Scripting or development language (such as Python) + Understanding of enterprise security controls in Active Directory/Windows environments + Highly experienced with the installation and configuration of firewalls, intrusion detection systems, anti-virus software, and vulnerability scanning systems. + Must be passionate about contributing to an organization focused on continuously improving consumer experiences.*Preferred Qualifications* + Master's Degree in a Technical Field + Security Certification.*Additional Information* + Prior training and public speaking experience + Ability to exercise emotional intelligence and situational awareness. + Strong interpersonal communication skills. + Willingness to travel up to 10%.*Scheduled Weekly Hours* 40


Reference: 1324267800

Set up alerts to get notified of new vacancies.