Security Engineer - Digital Forensic & Incident Response(DFIR)

Key Skills:

Roles and Responsibilities:

• Respond to and manage cybersecurity incidents, including threat detection, containment, eradication, recovery, and post-incident activities.
• Proactively hunt for threats within our environment using tools such as Anomali ThreatStream.
• Conduct digital forensic investigations to determine the root cause of security incidents and identify areas for improvement.
• Correlate security event logs from various sources to identify potential security threats and anomalies.
• Maintain accurate and detailed records of incidents, including incident reports, root cause analysis, and lessons learned.
• Review security alerts escalated by SOC analysts to determine if they constitute an incident.
• Investigate incidents to determine scope and impact.
• Record incident details, artifacts, and evidence in the incident tracking system.
• Execute response protocols and playbooks to respond to incidents.
• Escalate incident response protocols to senior staff when necessary.
• Communicate with end users to collect information and resolve issues.
• Collaborate with IT, Legal, and Marketing teams during the incident response process.
• Perform additional duties as directed and effectively accomplish set goals while primarily working in a hybrid capacity.
• Be available on an on-call basis for off-hours critical incident response.

Skills Required:

• Expertise in Digital Forensics and Incident Response methodologies.
• Strong analytical and investigative skills to identify root causes of security incidents.
• Experience with threat hunting tools and technologies (e.g., Anomali ThreatStream).
• Ability to correlate and analyze security logs from multiple sources.
• Knowledge of incident tracking, reporting, and escalation procedures.
• Strong communication and collaboration skills to work with cross-functional teams.
• On-call availability and readiness to respond to critical incidents.

Education: