Summary

The role of Senior Incident Response Engineer, will determine root cause in security incidents and shape security measures for Cyber74 clientele. This will include traditional incident response activities (response planning and rehearsal, IT architecture documentation). The successful incumbent will have deep technical expertise in threat intelligence and hunting, incident detection at scale, and creating effective incident containment and response practices, coupled with a broad understanding of the security and digital information technology landscape.

Primary Responsibilities

• Investigate attacks against our clients while performing deep forensic analysis to determine attack vectors, TTP and more
• Monitor and analyze emerging threats, vulnerabilities, and exploits
• Participate in threat hunting missions and remediate gaps that are identified
• Collect, analyze, and properly preserve digital evidence from our client's laptops, desktops, servers, and cloud assets
• Ensure appropriate tracking and handling of events to meet audit and legal requirements
• Assist in finding the proper balance between enabling and securing, in relation to the client's organization, culture and ecosystem
• Document and maintain automation workflows for Incident Response processes
• Develop Incident Response playbooks and assist in root cause analysis and incident reviews as needed
• Serve as an escalation point for cybersecurity incidents not resolved by analysts
• Collaborate with Engineering team members to build and develop solutions and tools that identify and mitigate risk. Translate use cases into technical requirements and drive actionable results.
• Work closely with incident manager, project management, Security operations manager, and client personnel to determine best course of action to meet client requirements
• Interact with outside legal teams and Cyber Insurance agencies on an as-needed basis

Skills & Experience

• 5-7+ years of cyber security, incident response, or threat hunting experience
• Extensive knowledge of Monitoring (SIEM) and Detection (EDR)
• Strong written and verbal skills
• Extensive knowledge of cloud platforms like Microsoft’s Office 365/Azure or Amazon Web Services
• Deep understanding of attack models such as MITRE's ATT&CK framework, and experience applying them in small/medium sized client environments
• Knowledge of anti-forensics tactics, techniques, and procedures
• Highly skilled in analyzing memory dumps to extract information
• Must be able to influence without authority, innovate to tackle tough problems, and communicate clearly to all levels of the organization
• Ability to thrive in a supportive, result-oriented community and are committed to the relentless pursuit of continuous growth

Preferred Certifications (One or More certifications of the following)

• CISSP (Certified Information Systems Security Professional)
• GCIA (Certified Intrusion Analyst)
• GCIH (Cetified Incident Handler)
• GCFA (Certified Forensic Analyst)
• eCIR (eLearnSecurity Certified Incident Responder)
• eCTHPv2 (eLearnSecurity Certified Threat Hunting Professional)

Our Team members enjoy

• A Fun, friendly culture
• The ability to work from home / work remotely for nearly all positions
• A collaborative environment where you can make an impact and help direct our future
• Family friendly, flexible schedules
• Company provided training and growth opportunities
• A career path and roadmap that allows you to move up in the company and try new things
• We’re a mission focused cybersecurity company, we all love security (and might be a little paranoid about it), and we love protecting our clients
• Unlimited Responsible Time Off Policy
• Gym membership
• Company paid cell phone
• 401k with immediate 5% match, Health/Dental/Vision Insurance, Paid Gym memberships, Etc. (the typical stuff)

Cyber 74 is committed to equal opportunity regardless of race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity, or other characteristics protected by law. We value diversity and the existence of similarities and differences, both visible and not, found in our workforce, workplace and throughout the markets we serve. Our associates, customers and shareholders contribute unique and different perspectives as a result of these diverse attributes.