Security Incident Commander - Threat Management Response
October 20
Description
• Simplify technology through innovative products and services. • Provide round-the-clock monitoring and rapid incident response. • Help craft strategy, refine playbooks, and improve response processes. • Serve on rotation of security incident commanders. • Write SQL to search data for signs of compromise. • Respond to high severity incidents and handle remediation process. • Familiarity with security tools like SIEM, FIM, EDR, SOAR. • Investigate security events for cloud platforms and Cisco devices. • Perform digital forensics to identify risks and threats. • Write response runbooks and author documentation on processes.
Requirements
• Understand common threat actor tactics, techniques, and procedures (TTPs). • Experience leading threat hunts using logs and threat intelligence. • Calm, methodical approach to investigating potential threats. • Minimum of 5 years in cybersecurity roles professionally. • Ability to build and/or re-architect solutions within AWS. • Expertise with observability and security tools like Splunk, ELK, Snowflake. • Understand core cybersecurity concepts: encryption, hashing, vulnerability management. • Understand major security compliance frameworks: PCI, SOC 2, and FedRAMP.
Benefits
• Access to quality medical, dental and vision insurance. • 401(k) plan with a Cisco matching contribution. • Short and long-term disability coverage. • Basic life insurance and numerous wellbeing offerings. • Up to twelve paid holidays per calendar year (includes one floating holiday). • Day off for your birthday. • Up to 20 days of Paid Time Off (PTO) each year. • Access to paid time away for critical or emergency issues. • Additional paid time to volunteer and give back to the community. • Ability to purchase company stock through Employee Stock Purchase Program. • Performance-based incentive pay on top of base salary for sales plans.
Apply NowSimilar Jobs
October 17
Marigold
1001 - 5000
Application Security Engineer at Marigold, focusing on secure software practices.
