Job Title: Cyber security Response Engineer
Location: Detroit, MI or Charlotte, NC (Hybrid)
Top Skills:
- Experienced with use case development lifecycle and risk based alerting mechanisms;
- Working knowledge of the incident response lifecycle and MITRE ATT&CK Framework;
- Splunk.
- Good communication skills – Proactive – independent, self-starter – independent worker who will take initiative and work well collaboratively. Confident and able to challenge respectfully and look for opportunities for continuous improvement. Able to mentor and coach junior team members
Position Description
The Cybersecurity Response Engineer position is a valued member of the Information Protection and Risk Management (IPRM) department. The Cybersecurity Response Engineer will be a part of the Cyber Threat Response (CTR) team and will primarily serve the Security Operations Center (SOC) and Cyber Security Incident Response Teams (CSIRT) by developing and maintaining alert use cases, onboarding new security tools, facilitating access and training, and managing overall risk. To do so, they will also work closely with the Cyber Analytics and Data Science (CADS) team, as well as various Cyber Security Technology (CST) engineering teams throughout IPRM.
Job Responsibilities
- Develop advanced security alerts for SOC consumption
- Identify automation opportunities leveraging a SOAR tool to optimize SOC processes
- Coordinate with different teams to complete agile project objectives
- Generate reports around security events and metrics
- Provide support for incident response investigations
- Utilize attack simulations to test or discover alerting conditions
- Participate in Threat Hunting exercises
Qualifications
- Working knowledge of the incident response lifecycle and MITRE ATT&CK Framework
- Familiar with various security platforms and tools, such as firewall, proxy, SIEM, and SOAR
- Experienced with use case development lifecycle and risk based alerting mechanisms
- Ability to analyze large data sets to identify trends and anomalies indicative of malicious activity
- Ability to interact with personnel at all levels across the organization and to comprehend business imperatives
- Ability to thrive in a fast-paced environment and capable of working under pressure with little direction
- Experienced with investigations into common attack scenarios, such as phishing and credential validation attacks
- Experienced at performing complex security investigations and root cause analysis
- Familiar with cloud platforms, such as AWS and Azure, and their corresponding security toolsets
- Well organized and comfortable prioritizing a wide variety of goals and objectives by risk
- Thrives in team environment involving a diverse set of skills and personalities
- Maintaining awareness of the cyber threat landscape
- Practical understanding of network protocols and operating systems
- Broad understanding of security mitigation solutions at all layers
- Minimum of four years information security specific experience
- Bachelor\'s degree in information systems or equivalent experience
- Security+ or CYSA+ certification preferred
- Self-driven and motivated with a strong passion for cybersecurity
- Excellent verbal and written communications skills
- Excellent problem solving and troubleshooting skills with a strong attention to detail
Please apply on our secured job site at <<https://intellibee.my.salesforce-sites.com/apps/jobs?id=a0AUU000001HRuT2AW >> or email careers@intellibee.com
Job Types: Full-time, Contract
Benefits:
- 401(k)
- Dental insurance
- Health insurance
Schedule:
Experience:
- Linux: 5 years (Preferred)
- Cybersecurity: 5 years (Preferred)
- Information security: 5 years (Preferred)
Work Location: On the road