Associate Incident Response Engineer

2 weeks ago


San Antonio, United States Arctic Wolf Co Full time

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry: cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.

Our mission is simple: End Cyber Risk. We're looking for an Associate Incident Response Engineer to be part of making this happen.

About the Role

Our incident response team focuses on responding to major cyber incidents, such as advanced persistent threats, ransomware incidents, advanced malware, and financial fraud. Our team works with our clients' IT teams to contain the incident, remediate the threat, investigate all of the attacker's actions, and recover the client back to normal operations. Our incident response team focuses on digital forensics, restoration and remediation, attacker negotiations, and dark web monitoring. The Associate Incident Response Engineer gets involved with all of those aspects of the incidents.

The Associate Incident Response Engineer role is for experienced IT and cyber security professionals who are looking to get into digital forensics and focus more on cyber security. This role is heavily involved in restoration and remediation and digital forensics. The person in this role is often the lead on a forensics investigation, with support from team leads and other senior members of the team.

This role is client facing, and both technical skills and soft skills are incredibly important. Our incident response team works with clients who are in crisis, and our elite technical and soft skills make a terrible situation as good as it can possibly be.

Responsibilities

Digital Forensics

  • Perform digital forensic functions including but not limited to host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
  • Process collected data and conduct defensible data acquisitions through in-depth analysis.
  • Preserve and analyze data from electronic data sources and systems including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.).
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
  • Be able to determine the root cause, find persistence mechanisms, and find all actions of the threat actor in most incidents.
  • Participate in incident response engagements to guide clients and/or junior team members through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
  • Record detailed data for each incident that can be used in threat research and marketing initiatives.

Restoration and Remediation

  • Preserve evidence from complex systems and networks.
  • Rebuild servers and workstations.
  • Restore servers from nearly any backup system
  • Assist with decryption of data when needed.
  • Recreate hypervisor environments and manage virtual servers.

Client and Partner Management

  • Provide support on incident response engagements, in collaboration with the team lead and engagement manager leading the engagements, to guide the client's containment, remediation, restoration, and forensic investigations.
  • Provide long term security recommendations that are well thought out and specific to the incident that the client experienced.
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.
  • Be able to lead an engagement solo from start to finish when needed.
  • Be able to bring calm to escalated situations.

General

  • Participate in weekday escalation on-call schedule.
  • Participate in weekend rotation schedule.
  • Participate in holiday rotation schedule.
  • Contribute towards R&D projects, such as tools, techniques, and threat research projects.
  • Contribute to marketing initiatives.

Who You Are

There are many backgrounds that make you a great candidate for this role, so don't be afraid to apply and provide a cover letter explaining why you are a good fit. If you have strong IT instinct and background, with some cyber security knowledge, you may just be the perfect fit.
  • Windows IT admin experience with Azure, Windows AD, Exchange, etc.
  • Managed Service Provider (MSP) experience solving problems and managing customers.
  • Investigative mindset with the ability and desire to untangle complex situations.
  • Digital forensics investigation experience is a plus, but not a requirement for the associate level.

About Arctic Wolf

At Arctic Wolf we're cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We've been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company) and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).

Our Values

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that, by protecting people's and organizations' sensitive data and seeking to end cyber risk, we get to work in an industry that is fundamental to the greater good.

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.

All wolves receive compelling compensation and benefits packages, including:
  • Equity for all employees
  • Bonus or commission pay based on role
  • Flexible time off, paid volunteer days and paid parental leave
  • 401k match
  • Medical, Dental, and Vision insurance
  • Health Savings and Flexible Spending Agreement
  • Voluntary Legal Insurance
  • Training and career development programs

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.

Security Requirements
  • Conducts duties and responsibilities in accordance with AWN's Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
  • Background checks are required for this position.
  • This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations ("EAR"). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations.


Come join the Pack during this exciting time of rapid growth where every employee makes a difference and their contributions are recognized and rewarded.
