Sr. Incident Response Security Engineer
Company: Arrow Electronics, Inc.
Posted on: March 18, 2019
Sr. Incident Response Security Engineer Position: Sr. Incident Response Security Engineer Job Description: Job SummaryPart of Arrow Electronics Global Enterprise Services Team, the Sr. Incident Response Engineer will generally assist with service delivery by identifying, minimizing, and monitoring attack surfaces through vulnerability management, patch management and security monitoring services. Ideal candidates can identify key data points on systems which may be indicators of an attack. The analyst will be primary for activities around data preservation management, data collection and data extraction. The analyst must have a high attention to detail, be very flexible, and have the ability and desire to learn new technical tools and procedures. The analyst will also serve as a key role in the Incident Response forensics and examination programs. Job ResponsibilitiesIncident response lead on investigations and applied in the context of a broader understanding of CSIRT and related systems and processes.Incident responder who conducts forensics examination of digital media, memory, malware, packet capture and logs AND can develop the tools necessary to perform cutting edge analysis.This person should have the skills to conduct the analysis when needed but will primarily be focused on solving new problems and implementing research techniques.Encouraging improvement and innovation within Incident response and nurturing and developing less-experienced staff through coaching and written and verbal feedback.Define solutions to exceptions that occur during the performance of forensicsUtilize IT skills and experience to define potential solutions to forensicsPrepare and review reports that promote constant security enhancements.Apply and execute standard information systems theories, concepts and techniques and assist in the development of standards and procedures.Transitioning, maintaining, or using Security Technologies such as Security Incident and Event Management (SIEM), Endpoint protection, Data Loss Prevention, and Forensic tools.Troubleshoot SIEM data collection, notification tuning and alerting.Work with Security Operations L1-L3 on detection and response playbooks.QualificationsBA/BS degree preferredMinimum 4 years of Information Security experienceMinimum 3 years of Incident Response experienceForensic examination experience, including top tools (SIFT, Volatility, Magnet AXIOM, Autopsy, F-Response, and others)Solid background in network and systems administration as they relate to security best-practicesFamiliarity with troubleshooting network communication and system configuration issuesComprehension of top security threats (OWASP Top 10, SANS 25, NVD, etc.) and their remediation techniquesFamiliarity with tools such as nmap, wireshark, psexec, nessus or similar solutionsOperational experience with the following preferred: Firewalls, Vulnerability scanners, Intrusion Detection/Prevention systems, End Point Protection Systems, SIEM Log Management SystemsWorking knowledge of the Electronic Discovery Reference Model (EDRM)Ability to meet deadlines and Service Level Agreements (SLA's) while performing activities in a time critical, highly confidential processHigh level of discretion in dealing with sensitive and confidential informationStrong analytical and verbal skillsNice to have Working knowledge of software development and or scripting languages such as Python, Ruby, C# and/or PowerShellExperience with Cybersecurity SOAR platforms specifically with Phantom (Splunk)Experience working with advanced eDiscovery tools such as Security&Compliance Center for Office 365, Exchange 2013 eDiscovery component, SharePoint 2013 eDiscovery componentWorking knowledge of regular expressions (regex)Comfortable working with command-line interfaces and with cloud environments such as AWS and AzureWorking knowledge of Boolean expressionsWorking knowledge of the Microsoft Keyword Query Language Structure#DICE##LI-NS1 Location: Denver (Panorama) Time Type: Full time Job Category: Non-Customer Facing/Supplier Facing
Keywords: Arrow Electronics, Inc., Denver , Sr. Incident Response Security Engineer, Other , Englewood, Colorado
Didn't find what you're looking for? Search again!