Technical Incident Response Engineer

12 Jan 2024
Elk Grove Village, Illinois 60007, USA

Vacancy expired!

Job Title : Technical Incident Response Engineer
Job Location : Onsite (Elk Grove Village, IL)
Job Duration : 6 month Option to Hire

Job Description :
  • Respond to, remediate, and document security incidents involving computing infrastructure reported by but not limited to Automated SIEM alerts, tickets, emails, or phone calls.
  • Act as the primary investigator for potential incidents identified by Security Operations Center (SOC) analysts.
  • Work closely with the Information Security office to remediate incidents and ensure preventative measures are reviewed for effectiveness.
  • Investigate phishing and self-identified potential cyber threats (phishing emails sent to the Client Data Services support desk).
  • Work with system and software engineers to analyze, triage, contain, and remediate security incidents.
  • Track incident management thoroughly and communicate with end-users and senior management officials effectively.
  • Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, anti-malware alerts, Host Intrusion Prevention System (HIPS) alerts, and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.
  • Perform reconciliation of environmental changes to devices and prepare appropriate reports of findings.
  • Participate regularly in SOC working group sessions, including idea generation for new content rules for security alerting and reduction of false positives. Collaborate across organizational lines and develop depth in your desired cyber discipline and technologies.
  • Follow documented procedures while keeping an eye towards process improvement and effectiveness.
  • Maintain knowledge of multiple technologies and system types.
  • Improve Application Security by identifying applications with logs that need monitoring and alerting created or improved.
  • Actively review the enterprise for insecure, suspicious, or malicious activity.

Qualifications:
  • Bachelor’s degree with emphasis in Computer Science, Engineering preferred.
  • Network solution certifications, including Cisco CCNA or Juniper JNCIA track, are preferred.
  • Three years of experience that is directly related to cybersecurity is required.
  • Previous experience with enterprise NAC/UAC solutions in a work environment is required.
  • Experience in PSIRT, CSIRT, incident response, and/or vulnerability response is required.
  • Experience with event and incident response tooling and alert design within monitoring solutions is required.
  • Experience in computer network and system design and the implementation of network and system operational controls is required.
  • Network infrastructure knowledge and experience in LAN/WAN infrastructure technologies are required.
  • Knowledge of TCP/IP and other application and network-level protocols is required.
  • Experience using commercial Security Information and Event Management (SIEM) platforms, “next-generation” firewalls, web-content filtering systems, and/or Intrusion Prevention Systems is required.
  • Understanding of and experience with patch automation, orchestration, and management tooling for on-premise, private cloud, and cloud infrastructure is required.
  • Understanding and experience with infrastructure as code is required.
  • Working knowledge of multiple office LAN/WAN interconnectivity is strongly preferred.
  • Some exposure to Linux OS is a plus.
  • Must be professional, comfortable speaking with external and internal contacts with a demonstrated ability to tailor the message appropriately to the audience and situation effectively.
  • Ability to relay technical information to both technical and non-technical personnel.
  • Ability to write technical documentation.
  • Demonstrated ability to convey thoughts and ideas effectively and succinctly via written formats, including emails, letters, and electronic platforms. Maintain professional standards relating to spelling and grammar.
  • Maintain credibility through professional demeanor, appearance, and presence by modeling standards appropriate to our environment and industry.
  • Maintain good working relationships with internal partners by exhibiting exemplary interpersonal skills, adopting a constructive, solutions-focused approach.
  • Use sound professional judgment to balance the interests of the organization and customer, understanding and using available resources to mitigate risks.
  • Proficiency in MS Windows OS, network vendor solutions (Juniper, Cisco, Aruba), network management, and firewalls is required.
  • Experience with servers, routers, TCP/IP addressing schemes, switching, remote access solutions, server hardware (HP, IBM, Dell), and NFS/iSCSI/CIFS networking/storage interdependencies is required.
  • Proficiency with Microsoft O365 products and applications, including the ability to effectively prepare or review documents, procedures, and reports.
  • Demonstrated ability to learn new systems and applications, as well as the ability to understand, adapt, and adjust responsibilities and workflows as a result of system upgrades.
  • Occasional travel to other Client locations, Bank functions and training facilities may be required.
  • Typical hours are Monday through Friday 8:00 a.m. to 5:00 p.m. Additional hours may be required depending upon business need.
  • Rotational Saturday work and off-hours on-call availability are required.

Job Details

  • ID: JC31235097
  • Job type: Contract
  • Salary: Depends on Experience
  • Hiring Company: Microtek Staffing Services
  • Date: 2022-01-11
  • Deadline: 2022-03-12