Security Incident Response

March 10

🔔 Pennsylvania – Remote

Although this job is listed in Pennsylvania, this company may be open to hiring remote in other states.

💵 $75.7k - $140.7k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🛡️ Security Operations

Apply Now

Receive Emails with Similar Jobs

Lincoln Financial

WebsiteLinkedInAll Job Openings

Lincoln Financial is an organization dedicated to protecting the privacy and security of its job applicants. It actively informs candidates about potential recruitment scams and outlines its robust hiring procedures, making clear that they do not request sensitive personal information during the application process. The company offers a diverse range of career opportunities across various fields including actuarial, finance, legal, and customer service, and is committed to maintaining equal employment opportunities.

Retirement Solutions • Life and Annuities • Group Protection

10,000+ employees

Founded 1905

💸 Finance

👥 HR Tech

📋 Description

• This position continuously monitors the alert queue; investigates security alerts; monitors health of security sensors and endpoints; collects data and context necessary to initiate IR response. • Responsible for correlation and initial triage of security events and indicators generated by security monitoring tools to determining scope, urgency and potential impact. • Document incidents from initial detection through final resolution. • Perform incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify suspicious and malicious activities. • Maintain expertise in Operating Systems (Windows/Linux) operations and artifacts to assist in investigations. • Ability to analyze different data types from various sources within the enterprise and draw conclusions regarding past and potential current security incidents. • Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage. • Perform threat hunting exercises to proactively and iteratively discover current or historical threats that evade existing security mechanisms and use that information to improve cyber resilience. • Create and modify SIEM dashboards to clearly identify scope of findings or monitor activity. • Tune and maintain security tool policies (EDR, IPS, Content Filter, etc.) to reduce false positives and improve tool detection capabilities.

🎯 Requirements

• 3 - 5+ Years Experience with one or more of the following technologies: Endpoint Detection and Response (EDR/XDR) and/or DFIR opensource tools (Ex. Kape, Plaso Log2Timeline, Autopsy, etc.) • 3 - 5+ Years Information Security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration. • 4 Year/Bachelor's degree or equivalent work experience

🏖️ Benefits

• A clearly defined career framework to help you successfully manage your career • Leadership development and virtual training opportunities • PTO/parental leave • Competitive 401K and employee benefits • Free financial counseling, health coaching and employee assistance program • Tuition assistance program • A leadership team that prioritizes your health and well-being; offering a remote work environment and flexible work hybrid situations • Effective productivity/technology tools and training