Incident Response Engineer

June 29, 2020
Hayward, CA
  • Assist with maturing incident response program.
  • Respond to security incidents covering all phases, including identification, containment and eradication.
  • Maintain incident response infrastructure to address overall enterprise scope including cloud, on-prem, and open source software.
  • Integrate incident response tools and data into other programs, e.g. vulnerability management, security architecture, IT technology deployments, etc.
  • Act as engagement point for the IT team and the business across the entire company.
  • Monitor our SIEM for notable events, running them down to completion.
  • Tune our SIEM to look for new threats, make existing threats easier to find, and reduce false positives.
  • Perform forensics on affected systems as needed.
  • Participate in periodic purple team exercises with our red team.
  • Actively gather cyber intelligence to ensure response capabilities are adequate to the threats.
  • Partner with teams across the organization to define remediation plans, drive and track remediation to completion, and find new approaches to improve the program.
  • Identify, assess and document the severity and potential impact of vulnerabilities, and give technical guidance to teams/owners in a way that consistently drives objective, fact-based decisions.
  • Find opportunities for enhancement including automation and self-service.
  • Analyze data and develop metrics to measure and communicate the effectiveness of the incident response process.


  • Experience using commercial SIEMs such as Azure Sentinel, Splunk Enterprise Security, AlienVault, or LogRhythm.
  • 2 - 5 years of experience in a front-line incident response role, handling technical security issues such as malware, phishing, and intrusions.
  • 1 year of experience using Azure or Amazon Web Services.
  • 1 year of experience writing automation utilities in a scripting language, preferably Python or Windows PowerShell.
  • 2 - 5 years of experience administering Windows and Linux/Unix systems.
  • 2 - 5 years of security experience in relevant security domains (e.g. threat and vulnerability management, risk management, security architecture, security hardening).
  • Experience with operating vulnerability assessment and incident response tools including network scanners, host-based detection agents, and web application scanners.