Location: Chicago, Illinois, United States
Travel Required
Full Time

About the Role:
The Senior Incident Response Engineer (SIRE) is the lead technical role within the Security Services team. As a SIRE, you will use your extensive security expertise to identify and detect ongoing security events within client environments and notify clients promptly. This position requires a deep understanding of threats and attack methodologies, as well as demonstrated experience in hands-on technical security roles.

Responsibilities:

  • Efficiently and accurately analyze incoming security events from multiple data sources, including network, endpoint, and log telemetry
  • Prioritize incoming events effectively, based on both explicit and implied priorities
  • See security incidents through to completion, including detection, collaboration with team members, and clear communication with internal and external stakeholders
  • Lead complex investigations within your area of expertise and collaborate with experts from other disciplines as necessary
  • Perform thorough quality reviews of tickets, security engagements, and system-level processes to identify areas for improvement
  • Apply your security expertise on the development platform to improve detection signal accuracy while reducing noise
  • Coach and mentor other team members, sharing knowledge and expertise
  • Continuously expand your security knowledge and expertise within a specific competency

Required Skills and Experience:

  • At least 3 years of industry experience in roles related to Information Security, Network Security, or Cyber Security.
  • Preferably, an additional 1 year of experience in Network Admin, System Admin, Cloud Admin, or similar positions.
  • Demonstrated technical proficiency in at least two (2) of the following areas:
    — Networking – common protocols, server/client infrastructure, routers, switches, wireless access points (WAPs), etc.
    — Perimeter – firewalls, IDS, IPS, UTM, WAF, gateways, proxies, mail servers, etc.
    — Authentication – AD, SSO, MFA, etc.
    — IaaS – cloud services such as AWS, Azure, GCP
    — Endpoint – MDM, EDR, EPP, AV
    — SaaS – collaboration tools including O365, GSuite, Box, Salesforce, Workday, etc.
  • Prior experience in a Security Operations Center, on a security incident response team, or in roles involving security forensics or malware analysis.
  • Ability to analyze log and system data from the technologies listed above and other IT systems.
  • Proficiency in one or more scripting tools and programming languages such as Python, Bash, and PowerShell.
  • Excellent written and verbal communication skills.
  • A positive and proactive attitude.
  • A commitment to learning and continuous self-improvement.
  • While specific degrees or certifications are not required, engineering or technology degrees are desirable. Security or IT certifications such as CISSP are also advantageous.