Security/Incident Response Engineer
Posted on Sep 22, 2022 by Request Technology - Robyn Honquest
SALARY: $105k - $120k flex plus 15% bonus
LOCATION: Oakbrook, IL OR REMOTE
You will be one of three people doing security engineering. Looking for a sharp engineer with as much experience as possible and willing to learn: incident response, endpoint security, IDS/IPS, vulnerability management, breach handling, managing the MSSP provider, the MITRE ATT&CK framework, Linux, Windows, and automation.
The ideal candidate will have extensive hands-on experience with the analysis of security related data from our MSSP, SIEM and associated security tools and technologies.
Responsible for the investigation, analysis, and response to suspicious behavior, attacks and security breaches within the company's environment using cyber defense tools and our third party partners.
Roles & Responsibilities:
- Document new processes and procedures as identified by leadership to ensure continuous improvements and maturity
- Participate in the Cybersecurity Incident Response Team to employ strategy, standards, processes, and technology to detect, respond, and recover from security incidents and limit occurrence or reoccurrence by using risk-based triage.
- Serve as an endpoint security expert for MSSP engagement and collaboration
- Ongoing engagement with MSSP security monitoring partners for ongoing refinement, tuning, analysis and reporting
- Stay abreast of Cyber Security best practices and emerging technologies to provide security recommendations tailored to specific requirements and needs.
- Review and respond to security events and alerts from our MSSP or security tools and services (IDS/IPS, SIEM, EDR)
- Perform internal and external vulnerability assessments and recommend remediation actions
- Maintain knowledge of current security threats, vulnerabilities, and mitigation techniques.
- Review new technology initiatives to evaluate security risk with proposed mitigation recommendations
- Maintain knowledge of common security control frameworks (NIST or equivalent)
- Strong analytical mindset with critical thinking for ongoing creation of metrics and reporting for varying audiences
- Adaptive coordination skills for ongoing tracking and follow up on security deliverables both inbound and outbound
- Third-party risk assessments and collaboration
Qualifications & Requirements:
- Bachelor's degree or equivalent experience
- Cyber security certification(s) (Any or multiple: CISSP, CISM, OSCP, GSEC, GCIH, GCFE, GNFA, GCIA)
- 3-6+ years of experience in the Information Security field
- Demonstrated knowledge of security frameworks such as NIST
- Experience or functional knowledge in security concepts such as MITRE ATT&CK framework, NIST, CIS Benchmarks or equivalent.
- Strong understanding of enterprise technologies in networking, cloud, and endpoints
- Strong Firewall and intrusion detection/prevention capabilities
- Solid knowledge of Windows and Linux operating systems, vulnerabilities, and administrative techniques
- Experience in Scripting and automation of security solutions preferred but not required
- Demonstrated detail orientation, self-starter and ability to work independently with limited supervision or direction; equally effective in a collaborative setting.
- Organization and keen multi-tasking abilities are a must
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance-related concepts to a broad range of technical and non-technical staff
- Ability to provide support after business hours when required
- Bachelor's Degree