• Apply now

  Mid-Level Incident Response Engineer

  Bank of Montreal

  Currently seeks a mid-level IR Engineer experienced with the full IR lifecycle. This position is currently remote due to Covid but will eventually be on-site in Scotch Plains, NJ.

  • 2021-01-05
  • svelasco
  • Scotch Plains, NJ, USA

• Minimum 2-4 years of Enterprise Incident Response and/or Security Operations Centre experience

• Minimum 2-4 years of experience with standard Enterprise-class security stack (Firewall, IDS/IPS, Antivirus, SIEM, Web Proxy, Web Application Firewall)

• Functional knowledge of Cyber Security and Incident Response foundations, theory, terminology (Kill Chain, TTPs, APT, IOCs, etc.)

• >2 years operational experience with Splunk, ELK/Elastic, or similar log aggregation and log analysis platforms

• Completion of relevant Security or Technical certifications including CCNA, GCIH, GREM, GCFA, GCFE, OSCP is preferred.

• Demonstrated experience with Cyber Incident Management programs

• Bachelor's degree or College Diploma in Computer Science, Information Security or other related fields

---

• Lead and coordinate the investigation effort for cyber security incidents from initial escalation through after-action reporting
• Conduct live response analysis, network analysis, log analysis, and malware triage in support of incident response investigation
• Effectively communicate investigative progress, findings, opportunities and challenges to Incident Management team
• Manage intake of incidents and reports from internal customers, using the internal ticketing system in a timely and accurate manner.
• The ability to identify and triage security incidents such as Malware, Phishing and Web Attacks is required.
• Serve as Subject Matter Experts for cyber security incidents in meetings with internal and external teams
• Provide leadership, knowledge transfer and mentoring of junior Security Specialists as part of normal IT and business activities.