- The person filling the position of L3 Cybersecurity Incident Response Engineer will join Client Information Security, Risk and Compliance organization as part of a team focused on the ongoing development and operations of Client global Cyber Fusion Center.
- The L3 Cybersecurity IR Engineer will be engaged to respond, scope, mitigate, and remediate the most complex cybersecurity incidents.
- They will be expected to utilize forensic methodologies to investigate potential cybersecurity incidents, to include: evidence handling/chain of custody; acquiring data remotely in a forensically sound manner; utilizing multiple artifacts to identify threat actor/malware activity; analyzing output from various technologies in order to effectively investigate potential compromise; and delivering clear written reports to the cybersecurity team.
- Responsible for leading incident response and cyber forensic investigations for the most complex cybersecurity incidents, including developing a detailed case timeline tracking relevant log artifacts
- Collect and investigate host-based forensic artifacts to determine threat actor and/or malware activity on a suspected compromised host
- Utilize host, identity, and network artifacts to track lateral movement activity
- Identify the root cause of complex cyber incidents and develop recommendations to prevent recurrence
- Provide feedback to security solutions specialists on cyber defense best practices to combat dynamic cyber threats
- Provide Subject Matter Expertise on relevant cyber threat actor methodologies, including recommendations for detection and prevention
- Develop and review technical training materials for L1/L2 CSOC analysts
- Provide guidance, training, and feedback to CSOC analysts
- 5-6 years of security experience with at least 4 of those years within cyber incident response
- 2 years of cyber forensic response
- Expert knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence, and coordinate a unified security response
- Experience using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
- Experience leading technical incident response assessment during high stress crisis events
- Strong knowledge of host, identity, and network artifacts utilized during IR
- Strong knowledge of network protocols and ability to perform analysis of associated network logs
- Fluent in speaking and writing English
Preferred Qualifications:
- University Degree in MIS, Computer Science, or related field from a recognized college or university
- Experience automating processes with scripting languages such as Python and PowerShell
- Experience working with RESTful APIs
- CISSP or related certification
- Works with moderate work direction, and can identify issues/problems but may need assistance in resolving them, and is responsible for implementing tasks assigned for a corporate pricing application. Possesses the ability to help with a junior configuration engineer's initial setup and development locally.
- Possess the ability to implement tasks according to established development standards including local configuration, unit testing and debugging processes and escalate issues as they arise.
- Possess the ability to handle complex assignments with supervision from a more senior configuration engineer.
- CE-I plus.
- Ability to troubleshoot issues within the application.
- Reporting status and completion percent to the Lead CE.
Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.
In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact hr@horizontal.com.
All applicants applying must be legally authorized to work in the country of employment.