Incident Response Engineer
2 weeks ago
Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry-cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.
Our mission is simple: End Cyber Risk. We're looking for an Incident Response Engineer to be part of making this happen. We know that cyber risk is ever evolving, and we know ending cyber risk is impossible, but that's why we love cyber security Every day is different.
About the Role
The Incident Response Engineer role is for experienced IT and cyber security professionals with foundational digital forensics experience and knowledge that wants to be involved in all aspects of cyber security and learn something new every day. This role's primary focus is on digital forensics investigations, evidence preservation, and IT restoration and recovery services. The role is frequently the lead digital forensic analyst on response engagements responsible for finding the root cause of incidents, determining what attacker persistence mechanisms need to be remediated, and finding all actions from the attacker and malware. On extremely complex cases, this person would work alongside a team lead or senior incident response engineer.
This role is client facing, and both technical skills and soft skills are incredibly important. Our incident response team works with clients who are in crisis, and our elite technical and soft skills make a terrible situation as good as it can possibly be for our clients.
Responsibilities:
Digital Forensics
- Perform digital forensic functions including but not limited to host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
- Process collected data and conduct defensible data acquisitions through in-depth analysis.
- Preserve and analyze data from electronic data sources and systems including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.).
- Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
- Be able to determine the root cause, find persistence mechanisms, and find all actions of the threat actor in most incidents.
- Participate in incident response engagements to guide clients and/or junior team members through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
- Record detailed data for each incident that can be used in threat research and marketing initiatives
- Ability to preserve evidence from complex systems and networks
- Ability to rebuild servers and workstations.
- Ability to restore servers from nearly any backup system
- Assist with decryption of data when needed.
- Ability to recreate hypervisor environments and manage virtual servers
- Provide support on incident response engagements in collaboration with the Team lead and Engagement Manager leading the engagements to guide client's containment, remediation, restoration, and forensic investigations.
- Provide long term security recommendations that are well thought out and specific to the incident that the client experienced.
- Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.
- Be able to lead an engagement solo from start to finish when needed.
- Be able to bring calm to escalated situations.
- Participate in weekday escalation on call schedule.
- Participate in weekend rotation schedule.
- Participate in holiday rotation schedule.
- Contribute towards R&D projects, such as, tools, techniques, threat research projects.
- Contribute to marketing initiatives.
The ideal candidate for this role would have a few years of digital forensics and cyber security experience or education as well as a strong IT background and core understanding of enterprise networks.
- Forensic Analysis - Ability to find the root cause of an incident, find attacker persistent mechanisms, and determine what data was accessed or stolen by an attacker
- General cyber security best practices knowledge
- Windows IT admin experience with Azure, Windows AD, Exchange, etc.
- Managed Service Provide (MSP) experience solving problems and managing customers.
- Investigative mindset with the ability and desire to untangle complex situations
At Arctic Wolf we're cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We've been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)-and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).
Our Values
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that-by protecting people's and organizations' sensitive data and seeking to end cyber risk- we get to work in an industry that is fundamental to the greater good.
We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.
We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.
All wolves receive compelling compensation and benefits packages, including:
- Equity for all employees
- Bonus or commission pay based on role
- Flexible time off, paid volunteer days and paid parental leave
- 401k match
- Medical, Dental, and Vision insurance
- Health Savings and Flexible Spending Agreement
- Voluntary Legal Insurance
- Training and career development programs
Security Requirements
- Conducts duties and responsibilities in accordance with AWN's Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
- Background checks are required for this position.
- This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations ("EAR"). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations
-
Associate Incident Response Engineer
2 weeks ago
San Antonio, United States Arctic Wolf Co Full timeArctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry-cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience. Our mission is simple: End Cyber Risk. We're looking for an...
-
Engineering Manager
3 days ago
San Francisco, California, United States Pager Full timeAbout the RolePagerDuty is seeking an experienced Engineering Manager to lead our incident management team. As a key member of our engineering leadership team, you will be responsible for managing a team of software engineers responsible for owning critical services within the PagerDuty product.Key ResponsibilitiesTeam Leadership: Manage a team of software...
-
Incident Response Specialist
1 week ago
San Antonio, Texas, United States Dunhill Professional Search Full timeJob SummaryWe are seeking a highly organized and motivated analyst to support our Infrastructure Cloud team as an Incident Support Specialist. This role is ideal for individuals looking to start a career in incident response and cloud managed platforms.Key ResponsibilitiesTrack and resolve cloud infrastructure issues from occurrence to resolution in...
-
Incident Response Specialist
1 week ago
San Antonio, Texas, United States Dunhill Professional Search Full timeJob SummaryWe are seeking a highly organized and motivated analyst to support our Infrastructure Cloud team as an Incident Response Specialist. This role is ideal for individuals looking to start a career in incident response and cloud managed platforms.Key ResponsibilitiesTrack and resolve cloud infrastructure issues from occurrence to resolution in...
-
Senior Cybersecurity Incident Response Engineer
2 weeks ago
San Francisco, California, United States Wells Fargo Full timeOverview:Wells Fargo is in search of a Senior Cybersecurity Incident Response Engineer with a robust background in incident management, network forensics, and proactive threat detection. The ideal candidate will possess a comprehensive understanding of endpoint and network security measures, alongside a foundation in offensive security to facilitate an...
-
Incident Response Forensics Consultant
1 week ago
San Francisco, California, United States New Era Technology Full timeJob OverviewAbout the Role:New Era Technology is on the lookout for a skilled Digital Forensics Engineer to join our Threat Management Team. This position focuses on providing forensic acquisition and analytical support across various environments, enhancing our security posture through thorough root cause analysis.Key Responsibilities:Gather, process,...
-
San Ramon, California, United States Five9 Full timeJob OverviewJoin our mission to enhance customer satisfaction. Five9 stands at the forefront of cloud contact center solutions, delivering innovative technology to clients globally.Embracing our core values fosters a collaborative culture that drives innovation, growth, and shared success. We celebrate diverse backgrounds and promote an inclusive atmosphere,...
-
Cybersecurity Incident Response Specialist
2 weeks ago
San Diego, California, United States NavitsPartners Full timeJob OverviewPosition: Threat Response CoordinatorKey Responsibilities: Oversee security notifications, coordinate incident management, and disseminate threat intelligence to safeguard clients. Utilize platforms such as Azure ATP and Office 365 ATP for incident handling and investigation. Provide assistance and compile detailed reports.Essential...
-
Cybersecurity Engineer
3 days ago
San Diego, California, United States Apple Full timeAbout the RoleAt Apple, we're seeking a highly skilled and dedicated Cybersecurity Engineer to join our security team. As a Detection and Response Engineer, you will play a critical role in ensuring the security of our systems and infrastructure.Key ResponsibilitiesIncident Handling and MitigationLead the initial response to security incidents, ensuring...
-
Security Engineer
5 days ago
San Francisco, California, United States Security Bank & Trust Co. Full timeAbout the RoleWe are seeking a highly skilled Security Engineer - Detection and Response to join our team at Security Bank & Trust Co. as a key member of our Security team. As a Detection and Response Security Engineer, you will play a critical role in implementing and maintaining our security infrastructure, detecting and responding to security incidents,...
-
Senior Manager of Incident Response
5 days ago
San Mateo, California, United States Motion Recruitment Full timeAbout the RoleMotion Recruitment is seeking a highly experienced Director of Managed Detection and Response to join our client's team in Dallas, TX or San Jose, CA. As a key member of the leadership team, you will be responsible for developing and executing a strategic vision for MDR services, leading and mentoring a team of consulting analysts, and...
-
Cybersecurity Engineer
4 days ago
San Diego, California, United States Apple Full timeAbout the RoleAt Apple, we're seeking a highly skilled and dedicated Cybersecurity Engineer - Detection and Response to join our security team. As a key member of our team, you will play a critical role in ensuring the security of our systems and infrastructure used to manage, build, and distribute our software.Key ResponsibilitiesIncident Handling and...
-
Major Incident Management Analyst
2 weeks ago
San Antonio, United States TEKsystems Careers Full time*Description:* Incident Management: o Lead the resolution of major incidents across all IT services, coordinating efforts across multiple teams and vendors. o Ensure timely communication to stakeholders and leadership during incidents, providing regular updates on status, impact, and resolution efforts. o Facilitate post-incident reviews (PIRs) to identify...
-
Major Incident Management Analyst
2 weeks ago
San Antonio, United States TEKsystems Full timeDescription: Incident Management: o Lead the resolution of major incidents across all IT services, coordinating efforts across multiple teams and vendors. o Ensure timely communication to stakeholders and leadership during incidents, providing regular updates on status, impact, and resolution efforts. o Facilitate post-incident reviews (PIRs) to identify...
-
Major Incident Management Analyst
2 weeks ago
San Antonio, TX, United States TEKsystems Careers Full time*Description:* Incident Management: o Lead the resolution of major incidents across all IT services, coordinating efforts across multiple teams and vendors. o Ensure timely communication to stakeholders and leadership during incidents, providing regular updates on status, impact, and resolution efforts. o Facilitate post-incident reviews (PIRs) to identify...
-
Senior Software Engineer
4 days ago
San Jose, California, United States TikTok Full timeAbout the RoleWe are seeking a highly skilled Senior Software Engineer to join our Privacy Response team at TikTok. As a key member of our team, you will play a critical role in shaping our data privacy framework, leveraging cutting-edge privacy technology, and making a significant impact on our company and community.ResponsibilitiesDesign and build...
-
Security Response Officer
1 week ago
San Bernardino, California, United States GardaWorld Full timeSecurity Response OfficerGardaWorld is seeking a highly skilled Security Response Officer to provide exceptional security services to our clients.Key Responsibilities:Direct Visitor Access:Control and direct visitor traffic to ensure a secure and efficient experience.Surveillance and Monitoring:Monitor security cameras to detect and respond to potential...
-
Administrative Assistant III
3 days ago
San Antonio, Texas, United States Texas Department of Aging & Disability Services Full timeJob Summary:The Texas Department of Aging & Disability Services is seeking an experienced Administrative Assistant III to join our Incident Management team. As a key member of our team, you will provide critical support to our Incident Management Department, ensuring the smooth operation of our facilities and services.Key Responsibilities:Provide...
-
Roadway Incident Management Specialist
2 weeks ago
San Antonio, Texas, United States Serco North America Full timePosition Overview:Join Serco North America as a Roadway Incident Management Specialist.Serco collaborates with transportation authorities to operate a vital incident response program aimed at reducing traffic delays and enhancing roadway safety by swiftly addressing disabled vehicles and debris on highways, as well as providing essential traffic management...
-
Network Security Engineer
2 weeks ago
San Antonio, United States TriQuest Business Services Full timeJob Title: Network Security Engineer Work Location: San Antonio, TX 78249 Term: Permanent Position In office; M-F, 8am-5pm No remote work Salary: $100K Job Summary: Step into the pivotal role of Network Security Engineer and become the cornerstone of our client's organization's cyber defense strategy. As a Network Security Engineer, you'll orchestrate the...