Incident Response Engineer

2 weeks ago

San Antonio, United States Arctic Wolf Co Full time

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry-cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.

Our mission is simple: End Cyber Risk. We're looking for an Incident Response Engineer to be part of making this happen. We know that cyber risk is ever evolving, and we know ending cyber risk is impossible, but that's why we love cyber security Every day is different.

About the Role

The Incident Response Engineer role is for experienced IT and cyber security professionals with foundational digital forensics experience and knowledge that wants to be involved in all aspects of cyber security and learn something new every day. This role's primary focus is on digital forensics investigations, evidence preservation, and IT restoration and recovery services. The role is frequently the lead digital forensic analyst on response engagements responsible for finding the root cause of incidents, determining what attacker persistence mechanisms need to be remediated, and finding all actions from the attacker and malware. On extremely complex cases, this person would work alongside a team lead or senior incident response engineer.

This role is client facing, and both technical skills and soft skills are incredibly important. Our incident response team works with clients who are in crisis, and our elite technical and soft skills make a terrible situation as good as it can possibly be for our clients.

Responsibilities:

Digital Forensics

  • Perform digital forensic functions including but not limited to host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
  • Process collected data and conduct defensible data acquisitions through in-depth analysis.
  • Preserve and analyze data from electronic data sources and systems including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.).
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
  • Be able to determine the root cause, find persistence mechanisms, and find all actions of the threat actor in most incidents.
  • Participate in incident response engagements to guide clients and/or junior team members through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
  • Record detailed data for each incident that can be used in threat research and marketing initiatives
Restoration and Remediation
  • Ability to preserve evidence from complex systems and networks
  • Ability to rebuild servers and workstations.
  • Ability to restore servers from nearly any backup system
  • Assist with decryption of data when needed.
  • Ability to recreate hypervisor environments and manage virtual servers
Client and Partner Management
  • Provide support on incident response engagements in collaboration with the Team lead and Engagement Manager leading the engagements to guide client's containment, remediation, restoration, and forensic investigations.
  • Provide long term security recommendations that are well thought out and specific to the incident that the client experienced.
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.
  • Be able to lead an engagement solo from start to finish when needed.
  • Be able to bring calm to escalated situations.
General
  • Participate in weekday escalation on call schedule.
  • Participate in weekend rotation schedule.
  • Participate in holiday rotation schedule.
  • Contribute towards R&D projects, such as, tools, techniques, threat research projects.
  • Contribute to marketing initiatives.
Required Skills:

The ideal candidate for this role would have a few years of digital forensics and cyber security experience or education as well as a strong IT background and core understanding of enterprise networks.
  • Forensic Analysis - Ability to find the root cause of an incident, find attacker persistent mechanisms, and determine what data was accessed or stolen by an attacker
  • General cyber security best practices knowledge
  • Windows IT admin experience with Azure, Windows AD, Exchange, etc.
  • Managed Service Provide (MSP) experience solving problems and managing customers.
  • Investigative mindset with the ability and desire to untangle complex situations
About Arctic Wolf

At Arctic Wolf we're cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We've been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)-and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).

Our Values

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that-by protecting people's and organizations' sensitive data and seeking to end cyber risk- we get to work in an industry that is fundamental to the greater good.

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.

All wolves receive compelling compensation and benefits packages, including:
  • Equity for all employees
  • Bonus or commission pay based on role
  • Flexible time off, paid volunteer days and paid parental leave
  • 401k match
  • Medical, Dental, and Vision insurance
  • Health Savings and Flexible Spending Agreement
  • Voluntary Legal Insurance
  • Training and career development programs
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.

Security Requirements
  • Conducts duties and responsibilities in accordance with AWN's Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
  • Background checks are required for this position.
  • This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations ("EAR"). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations

  • Associate Incident Response Engineer

    2 weeks ago

    San Antonio, United States Arctic Wolf Co Full time

    Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry-cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience. Our mission is simple: End Cyber Risk. We're looking for an...

  • Engineering Manager

    3 days ago

    San Francisco, California, United States Pager Full time

    About the RolePagerDuty is seeking an experienced Engineering Manager to lead our incident management team. As a key member of our engineering leadership team, you will be responsible for managing a team of software engineers responsible for owning critical services within the PagerDuty product.Key ResponsibilitiesTeam Leadership: Manage a team of software...

  • Incident Response Specialist

    1 week ago

    San Antonio, Texas, United States Dunhill Professional Search Full time

    Job SummaryWe are seeking a highly organized and motivated analyst to support our Infrastructure Cloud team as an Incident Support Specialist. This role is ideal for individuals looking to start a career in incident response and cloud managed platforms.Key ResponsibilitiesTrack and resolve cloud infrastructure issues from occurrence to resolution in...

  • Incident Response Specialist

    1 week ago

    San Antonio, Texas, United States Dunhill Professional Search Full time

    Job SummaryWe are seeking a highly organized and motivated analyst to support our Infrastructure Cloud team as an Incident Response Specialist. This role is ideal for individuals looking to start a career in incident response and cloud managed platforms.Key ResponsibilitiesTrack and resolve cloud infrastructure issues from occurrence to resolution in...

  • Senior Cybersecurity Incident Response Engineer

    2 weeks ago

    San Francisco, California, United States Wells Fargo Full time

    Overview:Wells Fargo is in search of a Senior Cybersecurity Incident Response Engineer with a robust background in incident management, network forensics, and proactive threat detection. The ideal candidate will possess a comprehensive understanding of endpoint and network security measures, alongside a foundation in offensive security to facilitate an...

  • Incident Response Forensics Consultant

    1 week ago

    San Francisco, California, United States New Era Technology Full time

    Job OverviewAbout the Role:New Era Technology is on the lookout for a skilled Digital Forensics Engineer to join our Threat Management Team. This position focuses on providing forensic acquisition and analytical support across various environments, enhancing our security posture through thorough root cause analysis.Key Responsibilities:Gather, process,...

  • Cybersecurity Hunt and Incident Response Specialist

    1 week ago

    San Ramon, California, United States Five9 Full time

    Job OverviewJoin our mission to enhance customer satisfaction. Five9 stands at the forefront of cloud contact center solutions, delivering innovative technology to clients globally.Embracing our core values fosters a collaborative culture that drives innovation, growth, and shared success. We celebrate diverse backgrounds and promote an inclusive atmosphere,...

  • Cybersecurity Incident Response Specialist

    2 weeks ago

    San Diego, California, United States NavitsPartners Full time

    Job OverviewPosition: Threat Response CoordinatorKey Responsibilities: Oversee security notifications, coordinate incident management, and disseminate threat intelligence to safeguard clients. Utilize platforms such as Azure ATP and Office 365 ATP for incident handling and investigation. Provide assistance and compile detailed reports.Essential...

  • Cybersecurity Engineer

    3 days ago

    San Diego, California, United States Apple Full time

    About the RoleAt Apple, we're seeking a highly skilled and dedicated Cybersecurity Engineer to join our security team. As a Detection and Response Engineer, you will play a critical role in ensuring the security of our systems and infrastructure.Key ResponsibilitiesIncident Handling and MitigationLead the initial response to security incidents, ensuring...

  • Security Engineer

    5 days ago

    San Francisco, California, United States Security Bank & Trust Co. Full time

    About the RoleWe are seeking a highly skilled Security Engineer - Detection and Response to join our team at Security Bank & Trust Co. as a key member of our Security team. As a Detection and Response Security Engineer, you will play a critical role in implementing and maintaining our security infrastructure, detecting and responding to security incidents,...

  • Senior Manager of Incident Response

    5 days ago

    San Mateo, California, United States Motion Recruitment Full time

    About the RoleMotion Recruitment is seeking a highly experienced Director of Managed Detection and Response to join our client's team in Dallas, TX or San Jose, CA. As a key member of the leadership team, you will be responsible for developing and executing a strategic vision for MDR services, leading and mentoring a team of consulting analysts, and...

  • Cybersecurity Engineer

    4 days ago

    San Diego, California, United States Apple Full time

    About the RoleAt Apple, we're seeking a highly skilled and dedicated Cybersecurity Engineer - Detection and Response to join our security team. As a key member of our team, you will play a critical role in ensuring the security of our systems and infrastructure used to manage, build, and distribute our software.Key ResponsibilitiesIncident Handling and...

  • Major Incident Management Analyst

    2 weeks ago

    San Antonio, United States TEKsystems Careers Full time

    *Description:* Incident Management: o Lead the resolution of major incidents across all IT services, coordinating efforts across multiple teams and vendors. o Ensure timely communication to stakeholders and leadership during incidents, providing regular updates on status, impact, and resolution efforts. o Facilitate post-incident reviews (PIRs) to identify...

  • Major Incident Management Analyst

    2 weeks ago

    San Antonio, United States TEKsystems Full time

    Description: Incident Management: o Lead the resolution of major incidents across all IT services, coordinating efforts across multiple teams and vendors. o Ensure timely communication to stakeholders and leadership during incidents, providing regular updates on status, impact, and resolution efforts. o Facilitate post-incident reviews (PIRs) to identify...

  • Major Incident Management Analyst

    2 weeks ago

    San Antonio, TX, United States TEKsystems Careers Full time

    *Description:* Incident Management: o Lead the resolution of major incidents across all IT services, coordinating efforts across multiple teams and vendors. o Ensure timely communication to stakeholders and leadership during incidents, providing regular updates on status, impact, and resolution efforts. o Facilitate post-incident reviews (PIRs) to identify...

  • Senior Software Engineer

    4 days ago

    San Jose, California, United States TikTok Full time

    About the RoleWe are seeking a highly skilled Senior Software Engineer to join our Privacy Response team at TikTok. As a key member of our team, you will play a critical role in shaping our data privacy framework, leveraging cutting-edge privacy technology, and making a significant impact on our company and community.ResponsibilitiesDesign and build...

  • Security Response Officer

    1 week ago

    San Bernardino, California, United States GardaWorld Full time

    Security Response OfficerGardaWorld is seeking a highly skilled Security Response Officer to provide exceptional security services to our clients.Key Responsibilities:Direct Visitor Access:Control and direct visitor traffic to ensure a secure and efficient experience.Surveillance and Monitoring:Monitor security cameras to detect and respond to potential...

  • Administrative Assistant III

    3 days ago

    San Antonio, Texas, United States Texas Department of Aging & Disability Services Full time

    Job Summary:The Texas Department of Aging & Disability Services is seeking an experienced Administrative Assistant III to join our Incident Management team. As a key member of our team, you will provide critical support to our Incident Management Department, ensuring the smooth operation of our facilities and services.Key Responsibilities:Provide...

  • Roadway Incident Management Specialist

    2 weeks ago

    San Antonio, Texas, United States Serco North America Full time

    Position Overview:Join Serco North America as a Roadway Incident Management Specialist.Serco collaborates with transportation authorities to operate a vital incident response program aimed at reducing traffic delays and enhancing roadway safety by swiftly addressing disabled vehicles and debris on highways, as well as providing essential traffic management...

  • Network Security Engineer

    2 weeks ago

    San Antonio, United States TriQuest Business Services Full time

    Job Title: Network Security Engineer Work Location: San Antonio, TX 78249 Term: Permanent Position In office; M-F, 8am-5pm No remote work Salary: $100K Job Summary: Step into the pivotal role of Network Security Engineer and become the cornerstone of our client's organization's cyber defense strategy. As a Network Security Engineer, you'll orchestrate the...