  • Incident Response Sr. Specialist

    Northwestern Mutual

    As a Cybersecurity Engineer on the Security Incident Response team, your role will include responding to, investigating and containing anomalous or malicious activity that could indicate a security threat. You’ll be responsible for staying up to date on the latest cybersecurity threats and assisting in the continual development and refinement of monitoring, detection and response for abnormal network and host activity.

Description

Desirable Skills:

  • Experience with security tools including SIEM, EDR, AV, CASB, Next-gen Firewalls, and VPN.
  • Experience with system and network artifacts.
  • Working knowledge of the MITRE ATT&CK framework.
  • Familiarity with various cloud environments and containerization technologies (AWS, Azure, O365, Docker, Kubernetes).
  • Functional and practical experience with at least one development or scripting language/framework (e.g. PowerShell, Python, .NET) and regular expressions.

Minimum Qualifications:

  • Bachelor’s Degree in Information Security, Computer Science, or equivalent combination of education, training, and experience.
  • Three or more years in an Incident Response or Security Operations Center (SOC) role.
  • Background in information technology with an emphasis on network or systems administration.
  • Hold, or be willing to obtain, certifications such as GCIH, GCFE, GCIA, CISSP or other relevant security certifications.


Responsibilities

  • Triage, pivot and correlate across multiple network and host-based log sources.
  • Analyze system artifacts and memory for evidence of compromise.
  • Proactively hunt for and identify malicious activity in various log sources using threat intelligence and other indicators of compromise.
  • Communicate and collaborate with all areas of the business including executive leadership to educate and inform throughout the incident response lifecycle.
  • Continually improve incident response procedures and documentation.
  • Engage with Detection Engineering and Red Team to identify opportunities to better monitor/detect suspicious behavior and automate response capabilities.
  • Keep up to date on evolving cyber threats and identify methods to detect them.
  • Participate in an on-call rotation.

Details

  • Travel: No travel
  • Incentives: Bonus
  • Clearance & Citizenship: No requirements
  • Remote Work: Remote occasional
  • Education: Bachelor’s Degree
  • Salary Range: Not provided
