Security Engineer

The role of the Security Incident Response Engineer is to provide specialized technical expertise in managing the firm's incident response processes and activities. This professional will play a crucial role in identifying, analyzing, and responding to potential threats to safeguard the firm's security.

This is a hybrid role to Tampa or Chicago. 

Responsibilities:

• Utilize security expertise in incident response to safeguard and mitigate the firm from information security threats
• Contribute digital forensics expertise with an excellent understanding of current and emerging threats
• Adopt a dual perspective, thinking both like an attacker and a defender, to effectively navigate incident response incidents or events to resolution
• Collaborate with cross-functional teams to ensure a comprehensive response to security incidents

  Skills and Experience:

  • Bachelor's degree in Computer Science or equivalent practical experience
  • Certifications such as CISSP, OSCP, CEH, or SANS GCFE, GCFA, GNFA, GCTI, GREM, or GCIH
  • Extensive experience in security incident response within an enterprise environment
  • Strong proficiency in Windows systems forensics, diagnostics, and image acquisition strategies
  • Assess and evaluate emerging vulnerabilities in the cyber threat landscape
  • Leadership experience in Computer Security Incident Response Team (CSIRT) activities throughout the incident lifecycle
  • Solid understanding of TCP/IP protocols, with experience in Wireshark and packet analysis tools
  • Excellent knowledge of application security controls and penetration testing methodologies
  • Proficient in scripting, preferably in Python or a similar language
  • Experience in risk analysis and reporting at the executive level
  • Design and implement incident response policies and procedures
  • Extensive experience with Security Information and Event Management (SIEM) and log analytics
  • Knowledge of Security Orchestration, Automation, and Response (SOAR) for incident response automation and remediation
  • Working knowledge of cloud security technologies, standards, and controls
  • Exceptional analytical skills, including the ability to gather and analyze facts, formulate objective conclusions, define problems, and propose effective solutions
  • Adaptability to integrate and modify existing programs or vendor-supplied package programs for use with existing information systems
  • Proficient in oral and written English
  • Ability to work productively and maintain focus without direct supervision