Sr. Incident Response Engineer

Location: Palo Alto, CA
Date Posted: 04-20-2018
Seeking an Senior Incident Response engineer with extensive operational and engineering experience. The Senior Incident Response engineer will have responsibilities ranging across incident response, threat intelligence, threat analysis, forensic analysis, and support of advanced threat detection technologies. Day to day activity will include monitoring, tuning and triage of alerts, as well as building and maintaining the team’s tools and systems.
 
What you'll be doing:
  • Participate in a 24/7 on-call operation that monitors for and responds to security events on networks, including working with external entities, where necessary
  • Respond to information security incidents, including internal and external events and targeted threats
  • Develop internal tools and systems used to respond to incidents (e.g., forensic toolkits, logging pipeline) to support unique environment
  • Identify and execute on projects that improve our intrusion detection and incident response capabilities
 
Your background and who you are:
  • Minimum of 8 years’ experience in information security
  • BS degree in Computer Science or equivalent practical experience
  • Experience with MacOSX, Windows, Unix, and mobile platforms
  • 3 years of experience with computer forensics and incident response tools such as Encase, FTK, X-Ways Forensics, The Sleuth Kit, plaso (log2timeline), Volatility, rekall, GRR, Mandiant MIR, etc
  • 3 years of experience with scripting and coding in languages such as Python, Lua, C/C++, Ruby and/or Java
  • Experience with the current threat landscape including common attack types and malware capabilities
  • Experience in identifying, analyzing, scoping, containing and eradicating real-world threats Intimate knowledge of incident response phases and concepts
  • Experience in developing intrusion detection techniques with products like Bro, Suricata, and ELK
  • Open source projects or commits are a plus
 
Bonus points:
  • Previous experience with incident management and coordination
  • Extensive knowledge of internet security issues and threat landscape
or
this job portal is powered by CATS