Senior Security Engineer, Incident Response
Virtual, United States
Full Time Senior-level / Expert Clearance required USD 117K - 218K * est.
Constellis
POSITION SUMMARY
The Sr. Security Engineer is responsible for testing physical, logical, and electronic protection of data, including cloud, corporate, web application, access control, intrusion detection/prevention, virus protection, and more, as well as Digital Forensics, Software Development, Vulnerability Research, Reverse Engineering, Software/Hardware Engineering, and Operational Consultancy (e.g., Red Teaming/Hunt, Mission Evaluation) and performing incident response and working in the global security operations center. The Sr. Security Engineer will also assist with identifying current and emerging cyber events, along with developing countermeasures with known and/or discovered indicators.
RESPONSIBILITIES
- Resolve incidents and problem tickets issued against supported devices within published SLAs
- Identify opportunities for process improvement and automation of repetitive tasks leveraging a SOAR platform
- Operate security operations technology (SIEM/EDR) and provide ongoing system support and advice to other users of this technology
- Devise and implement approaches to monitor applications and data flows via effective information dashboards for operational metrics, end-to-end system data processing, incident management, change control, and compliance
- Use monitoring data in combination with other sources to analyze the risk of a successful attack
- Proactively recommend new tools, techniques, and procedures to enhance SOC performance and quickly learn new tools as they are introduced
- Actively search all areas of the internal network for hidden threats and vulnerabilities
- Assist in the development and documentation of policies and processes
- Support audits and compliance efforts
- Participate in red/blue/purple team exercises as needed to analyze threat scenarios and assess internal defenses. Document results
- Engage positively across multiple teams to establish clarity, vision, and mutual trust in order to achieve business goals
- Adheres to industry-specific local, state, and federal regulations, as applicable
- Other duties as assigned
QUALIFICATIONS
- 3 + years of IT engineering experience
- Knowledge of operating systems internals and endpoint security experience
- General knowledge of APT campaigns, Tools, Techniques, & Procedures (TTP), malware attack vectors, memory injection techniques and malware persistence mechanisms
- U.S. Citizen
- Ability to obtain and maintain a Top Secret clearance
DESIRED QUALIFICATIONS
- Certified Information Systems Security Professional (CISSP) certification
- 5+ years of cybersecurity incident response participation
- Active security clearance a plus
Race/Color/Sex/Sexual Orientation/Gender Identity/Disability/Vet
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APT Audits Automation CISSP Clearance Cloud Compliance EDR Endpoint security Forensics Incident response Intrusion detection Malware Monitoring Red team Reverse engineering Security Clearance SIEM SLAs SOAR SOC Top Secret Top Secret Clearance Vulnerabilities
Perks/benefits: Career development Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.