Incident Response Engineer

Job Description

Our E-Commerce client is seeking a Cyber Security Incident Response Team (CSIRT) Engineer. You will have the opportunity to build innovative solutions to identify and mitigate information-security threats and work collaboratively to creatively solve complex security problems in a heterogeneous environment.  

Your skills, vision, tenacity, and passion will help defend and respond daily to keep critical information assets away from threats and hackers. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations into Day shift.

Core Job Functions include:
  • Investigating computer and information security incidents to determine the extent of compromise to information and automated information systems.
  • Responding to escalated events from security tooling to develop and execute security controls, defenses, and countermeasures that prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems.
  • Researching attempted or successful efforts to compromise systems security and designing countermeasures.
  • Education – maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
  • Communications – providing information and updates to shift leads and leadership, creating pass-downs for the next shift, working closely with supporting teams, providing feedback on new security policies and standards, and engaging with other teams and adjacencies through email and conference calls.
  • Digital Forensics – as it relates to information systems, performing HR investigations and legal holds in a forensically sound manner. Consulting with HR and legal subject matter experts to adhere to local country law.
  • Coverage – must be willing to perform shift work, weekends, and holidays, as well as participate in a rotating schedule consisting of four (4) 10-hour shifts with four days on, three (3) days off, and possible rotations across Day, Swing, and Graveyard shifts as needed.

You'll need:
  • Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field.
  • Experience in incident detection and response, malware analysis, or digital forensics.

At least one (1) of the following certifications:
SANS GIAC: GCED, GCIA, GPEN, GWAPT, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON, GCIH
ISC2: CCFP, CCSP, CISSP
Cisco: CCNA, CCNP
CERT: CSIH
EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH
Offensive Security: OSCP, OSCE, OSWP and OSEE
Digital Forensics: EnCE, CB, MiCFE, ACE, GCFA, GCFE

As well as experience with:
  • Incident Response – getting people to do the right thing in the middle of an investigation.
  • Offensive Techniques – penetration testing, IOCs, and exploits at all layers of the stack.
  • Logs – you should be comfortable with a SIEM, able to gather and analyze logs to recreate incidents and hunt for threats.
  • System Forensics – basic understanding of image acquisition techniques, memory forensics, and the like.
  • Networking Fundamentals – TCP/IP protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and Wireshark/tcpdump.
  • Scripting – should be familiar with scripting in at least one of the following: Python, Perl, or a similar language.
  • Risk Analysis – taking a vulnerability in a particular environment and understanding the practical associated risk.