Security Incident Response Engineer

Schaumburg, IL, United States


Overview

What We Do

We calm the confusion of IT by guiding the connection between people and technology. If a customer is looking for a better way to manage their warehouse inventory, equip their workforce, or secure their data, we make it happen. All it takes is finding the right combination of tech hardware, software, cloud solutions, and support services. That’s what we do. We’re the IT Department’s IT Department.


Who We Are

Our team is made stronger by a multitude of backgrounds, experiences, and perspectives. It’s what makes Connection unique—what drives us to innovate and create technology solutions that stand apart from the crowd. We’d love for you to be a part of that fabric, to share your ideas and experiences with a team that thrives on fresh thinking, creativity, and helping others.


Why You Should Join Us

You’ll find supportive teammates and a rewarding career at Connection—plus great benefits. We take pride in supporting employees with a total rewards package that provides financial, emotional, and physical resources for you and your family. Our compensation, 401k plans, medical insurance, and other benefits are progressive and competitive. We value the importance of our employees’ emotional wellbeing. To support employees, we provide free therapy visits, mental health coaching and tools, and meditation resources. You’ll also enjoy a generous paid time off package that includes not only vacation and sick time, but also Wellness and Volunteer Time Off days.

Responsibilities

The Security Incident Response Engineer (SIRE) plays a crucial role in supporting security operations within the Hybrid Command Center. The SIRE focuses on responding to security alerts, assisting in incident investigations, and ensuring that emerging threats are addressed promptly and effectively. The SIRE works as part of a larger team to maintain the security posture of the organization, collaborating closely with HCC engineers, network, cloud, and SOC teams.


Incident Response:
· Assists junior team members with the monitoring of security alerts and events through SIEM tools, IDS/IPS, and endpoint detection systems.
· Escalates critical incidents to the Lead Security Engineer and relevant teams.
· Executes containment, eradication, and recovery actions under the guidance of the team lead.
· Coordinates with client teams and internal network, cloud, and infrastructure teams to implement corrective measures to restore security after an incident has been detected.

Alert Prioritization and Triage:
· Reviews and analyzes alerts escalated from first responders’ initial triage to determine severity and validity.
· Prioritizes alerts based on risk impact and operational guidelines.
· Documents actions taken in ticketing or incident tracking systems.

Threat Intelligence Support:
· Assists in tracking emerging threats and vulnerabilities relevant to the organization.
· Provides input to vulnerability assessments and patch recommendations.
· Participates in proactive threat-hunting activities to detect suspicious activity.

Security Tool Management and Operations:
· Operates SIEM, EDR, firewalls, and other security tools to monitor network activity.
· Assists in maintaining and fine-tuning security monitoring tools for optimal performance.
· Collaborates with vendors or third parties for troubleshooting and maintenance of security solutions.

Incident Documentation and Reporting:
· Prepares detailed incident reports, documenting events, findings, and remediation steps.
· Participates in post-incident reviews to identify lessons learned and recommend improvements.
· Maintains accurate records to ensure compliance with SLAs and security frameworks.
· Assists with playbook creation for security event handling.
· Provides insight and recommendations for security improvements to client networks.

Collaboration and Coordination:
· Works closely with the SOC, IT, and network operations teams to address client security issues.
· Participates in cross-functional meetings to align security priorities.
· Supports incident response tabletop exercises and security awareness efforts.

Continuous Learning and Development:
· Stays informed on new security technologies, trends, and best practices.
· Participates in training programs and professional development initiatives as directed.
· Works toward certifications relevant to the role, such as CompTIA Security+, CEH, or GSEC.

Salary range: Min USD $93,000.00/Yr. – Max USD $119,862.00/Yr.

Qualifications

· Technical Proficiency: Familiarity with SIEM, IDS/IPS, EDR tools, network, server infrastructure, and firewalls.
· Analytical Skills: Strong ability to assess alerts and distinguish between legitimate incidents and false positives.
· Communication: Clear verbal and written skills to document incidents and report findings effectively.
· Collaboration: Ability to work effectively within a team and across departments.
· Problem Solving: Quick thinking to assist with real-time incident response.
· Knowledge of Security Standards: Basic understanding of NIST, ISO 27001, and CIS Controls.
· Experience in security operations or working within a SOC environment.
· Familiarity with incident response frameworks and threat-hunting methodologies.
· Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) preferred.
