
L3 Cybersecurity Incident Response Engineer (Sr/Lead)
Location:
US-MN-Minneapolis

L3 Cybersecurity Incident Response Engineer (Sr/Lead)

Location: Remote


Job Posting Title

L3 Cybersecurity Incident Response Engineer


Job Summary:

The person filling the position of L3 Cybersecurity Incident Response Engineer will join the Information Security, Risk and Compliance organization as part of a team focused on the ongoing development and operations of the global Cyber Fusion Center.

The L3 Cybersecurity IR Engineer will be engaged to respond to, scope, mitigate, and remediate the most complex cybersecurity incidents. They will be expected to utilize forensic methodologies to investigate potential cybersecurity incidents, to include: evidence handling/chain of custody; acquiring data remotely in a forensically sound manner; utilizing multiple artifacts to identify threat actor/malware activity; analyzing output from various technologies in order to effectively investigate potential compromise; and delivering clear written reports to the cybersecurity team.

Primary Responsibilities include but are not limited to the following:
Responsible for leading incident response and cyber forensic investigations for the most complex cybersecurity incidents, including developing a detailed case timeline tracking relevant log artifacts
Collect and investigate host-based forensic artifacts to determine threat actor and/or malware activity on a suspected compromised host
Utilize host, identity, and network artifacts to track lateral movement activity
Identify the root cause of complex cyber incidents and develop recommendations to prevent recurrence
Provide feedback to security solutions specialists on cyber defense best practices to combat dynamic cyber threats
Provide Subject Matter Expertise on relevant cyber threat actor methodologies, including recommendations for detection and prevention
Develop and review technical training materials for L1/L2 CSOC analysts
Provide guidance, training, and feedback to CSOC analysts

Basic Qualifications:
5-6 years of security experience with at least 4 of those years within cyber incident response
2 years of cyber forensic response
Expert knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence, and coordinate a unified security response
Experience using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
Experience leading technical incident response assessment during high-stress crisis events
Strong knowledge of host, identity, and network artifacts utilized during IR
Strong knowledge of network protocols and ability to perform analysis of associated network logs
Fluent in speaking and writing English

Required: SANS GCFA (Certified Forensic Analyst)


C4 Technical Services
