Cyber Incident Response Engineer II - United States - Lifetime Benefit Solutions
7 hours ago
Job Description:
Summary:
The Cyber Incident Response (IR) Engineer role is critical in detecting, investigating, and responding to cybersecurity threats across the enterprise. This role supports and leads security operations through proactive threat hunting, tool development, forensics, and containment. The engineer collaborates across a broad range of security technologies, cloud environments, and detection platforms.
Essential Accountabilities:
Level I
- Designs, implements, and operates IR operations tools, including logging, SIEM, EDR, UEBA, SOAR, etc.
- Evaluates and proposes new security solutions for IR operations.
- Investigates and presents recommendations to the security manager and various levels of management regarding protection of computing resources and information assets.
- Builds & updates playbooks/SOAR automations, etc.
- Assists with monitoring escalations from analysts and provides technical input during investigations.
- Performs proactive threat hunting to identify potential threats or anomalous behavior.
- Leverages MITRE ATT&CK framework to provide security monitoring recommendations and improvements.
- Participates in rotation of 24/7/365 on call coverage.
- Leads tactical project initiatives including design of solutions in conjunction with management and other cyber defense team members.
- Assists in the operational support for security technologies in defense against modern cybersecurity threats.
- Responds to requests within defined SLAs relating to various information security systems, programs, and processes.
- Enforces information security policies, standards, and procedures and investigates possible security exceptions.
- Assists in the execution of HIPAA, MAR, PCI, and COBIT compliance activities.
- Consults on the integration of cyber defense tools and appropriate controls into new and existing systems and applications.
- Assists in internal and external audits, self-assessments, and risk reviews for security processes.
- Hardens the operational security ecosystem and evolves mitigation techniques through ongoing threat intelligence assessment.
- Participates in incident response activities, including containment, triage, and root cause analysis.
- Researches, designs, and integrates new operational security solutions, with an emphasis on solutions that align with the overall cybersecurity strategy.
- Consistently demonstrates high standards of integrity by supporting the Lifetime Healthcare Companies' mission and values, adhering to the Corporate Code of Conduct, and leading to the Lifetime Way values and beliefs.
- Maintains high regard for member privacy in accordance with the corporate privacy policies and procedures.
- Regular and reliable attendance is expected and required.
- Performs other functions as assigned by management.
Level II (in addition to Level I Accountabilities)
- Acts as a technical lead and provides mentoring, training, and technical support to engineers and analysts.
- Hardens security ecosystem and evolves mitigation techniques through ongoing threat intelligence assessments.
- Serves as the technical escalation point for complex incidents and operational challenges.
- Designs and leads threat hunting engagements and proactively identifies advanced threats.
- Leads the blue team side of purple team exercises to validate and improve detection and response capabilities. Leads cyber defense incident response activities end to end.
- Performs as the subject matter expert for more than three information security technologies, processes, and practices internally to the Health Plan.
- Provides advanced technical expertise and process improvement support.
- Designs and implements automated solutions for common security administration tasks.
Minimum Qualifications:
NOTE: We include multiple levels of classification differentiated by demonstrated knowledge, skills, and the ability to manage increasingly independent and/or complex assignments, broader responsibility, additional decision making, and in some cases, becoming a resource to others. In addition to using this differentiated approach to place new hires, it also provides guideposts for employee development and promotional opportunities.
All Levels
- Five (5) years of related work experience.
- Bachelor's degree in computer science, information technology, or relevant field. In lieu of degree, six (6) cumulative years of related experience are required.
- Hands on experience with the following operating systems preferred: Windows, and UNIX (Linux, AIX, Solaris, etc.).
- Strong knowledge of several concepts and/or tools listed: Cloud infrastructure services, including IaaS, PaaS, and SaaS models.
- Intermediate knowledge of network and application security, including firewalls and web application firewalls (e.g., Palo Alto Networks, Imperva).
- Experience and knowledge of identity and access management systems, including Active Directory, Entra ID, LDAP, and various authentication protocols.
- Knowledge of endpoint protection and antivirus solutions.
- Demonstrated experience identifying malicious actors, TTPs, and using the MITRE ATT&CK framework.
- Experience using IDS/IPS and/or related tools.
- Knowledge of cloud-native security solutions for multi-cloud environments, such as SIEM, CSPM, threat detection, compliance enforcement, and governance frameworks.
- Security incident response experience.
- Demonstrated experience with common query techniques including Kusto query language and Python.
- Advanced communication skills with the ability to present clear and concise information to all levels and technical abilities.
- Excellent organization and multi-tasking skills.
Level II (in addition to Level I Qualifications)
- Eight (8) years of related work experience with and strong knowledge of all concepts and/or tools listed above (under Level I).
- Experience in evaluating security software packages and systems.
- Experience with security automation, including associated playbooks, reporting and notification.
- Knowledge of network regulations, industry standards, and operational constraints of network systems.
- CISSP, CISA, CISM, or other relevant security certification, or equivalent experience and knowledge, preferred.
- Experience providing work direction for one or more individuals' specific projects and initiatives.
Physical Requirements:
- Ability to work prolonged periods sitting and/or standing at a workstation and working on a computer.
- Ability to travel across the Health Plan service region for meetings and/or trainings as needed.
- Ability to work in a home office for continuous periods of time for business continuity.
************
In support of the Americans with Disabilities Act, this job description lists only those responsibilities and qualifications deemed essential to the position.
Equal Opportunity Employer
Compensation Range(s):
Level II (E9) - Minimum: $110,093 - Maximum: $198,168
The salary range indicated in this posting represents the minimum and maximum of the salary range for this position. Actual salary will vary depending on factors including, but not limited to, budget available, prior experience, knowledge, skill and education as they relate to the position's minimum qualifications, in addition to internal equity. The posted salary range reflects just one component of our total rewards package. Other components of the total rewards package may include participation in group health and/or dental insurance, retirement plan, wellness program, paid time away from work, and paid holidays.
Please note: There may be opportunities for remote work on all jobs posted by the LBS Recruitment team. This decision is made on a case-by-case basis.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.