Incident Response Lead Engineer / FULLY REMOTE / eCommerce Giant

04 Jul 2024

Vacancy expired!

Description: This global eCommerce giant has begun its expansion into the United States and is in the process of building out its security team. Be at the start of an exciting chapter in their history as they make their mark on the North American market. They are bringing on a multitude of roles, including a Lead Incident Response Engineer who will lead the design, implementation and execution of platform, policy, playbook and protocol development for incident response and reliability engineering in their Global Security Operations Center. This operations and IR expert will ensure all production security controls and technologies operate in compliance with all established policies and SLAs, across all aspects of the security operating framework. As a Lead, you should have a deep technical understanding of application and network security practices, as well as all IR protocols and practices. You must also be familiar with security industry standards and best practices, and must be able to work effectively with development, engineering and operational counterparts across a broad, deeply technical environment.

Required Skills & Experience
  • 5+ years of experience
  • Possess a Bachelor's degree or higher in the field of engineering, computer science or equivalent professional experience.
  • Must demonstrate a general understanding of enterprise networking and server environments, cybersecurity incident response and forensics analysis principles, theories, concepts and techniques.
  • Must have experience organizing, planning, scheduling, conducting, and managing work assignments to meet project milestones/completion dates.
  • Strong working and practical knowledge of security monitoring, threat hunting, log management, SIEM and data analytics.
  • Strong working and practical knowledge of digital forensics and analysis.
  • Must be technically adaptable in changing environments.
  • Ability to work independently or in a team environment.
  • Ability to work extended hours as required.
  • High level of personal integrity and professionalism.
  • Must be able to support on-call, escalation, and a fast-paced environment.

Desired Skills & Experience
  • Relevant cyber security certifications, such as CISSP and GIAC are highly desired.
  • Working knowledge or experience in Python, PowerShell, SQL, and similar scripting languages desired.

What You Will Be Doing: Daily Responsibilities
  • Active threat hunting within their network using a formalized process
  • Identifying cybersecurity vulnerabilities and participating in the development and implementation of remediation.
  • Performing digital forensics for cybersecurity and internal investigations using industry standard tools such as EnCase, FTK, Magnet Axiom, etc.
  • In-depth reporting of cybersecurity and internal investigations.
  • In-depth threat analysis and reporting using various tools including but not limited to Incident Response Case Management, EDR, SIEM, MITRE Framework
  • Maintenance and upkeep of the forensics environment and analysis tools.
  • Developing and testing custom detection signatures and implementing manual/automated threat response mechanisms.
  • Working in partnership with the global SOC and IT organizations as an escalation resource for incident response and threat analysis.
  • Developing process enhancements and efficiencies using a dedicated SOAR platform to improve overall incident response and team effectiveness
  • Maintains the strict confidentiality of sensitive information
  • Performs other duties as assigned or required
  • Establish credibility throughout the organization by earning the reputation for being a proactive operations leader and change agent.
  • Sustain high-availability service levels and ensure fulfillment of business-wide service levels and operational support objectives.

The Offer
  • Competitive Pay: Up to $185k a year + Bonus
You will receive the following benefits:
  • Medical Insurance
  • Dental & Orthodontia Benefits
  • Vision Benefits
  • Hospital Indemnity Insurance
  • 401(k) including match
  • Paid Sick Time Leave
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.

  • ID: #43828191
  • State: California Los Angeles 90001 Los Angeles USA
  • City: Los Angeles
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2022-07-04
  • Deadline: 2022-09-01
  • Category: Et cetera