Incident Response Engineer

Do you enjoy solving advanced technical problems, and working with best of breed security tools? Yearn for the opportunity to identify and respond to incidents and threats for a global enterprise? Enjoy building and maintaining successful relationships through direct interaction with peers, managers, and other technical teams? Partnering with management to build a collaborative working environment while promoting high standards, exercising good judgment and professionalism? If you do, then its sounds like you are just the person we are looking for to join our Information Security Team at Delta Airlines.

YOUR RESPONSIBILITIES IN THIS ROLE

This person will support the Information Security department's goals and objectives by addressing escalations, and the evaluation of technology controls providing key insight and research in new threats, vulnerabilities, and mitigation techniques. In this role they will take the lead in proposing solutions to improve or reduce risk exposure from the overall threat landscape and improve the resilience and readiness of security technologies and processes which ensure the confidentiality, integrity, and availability of the organization's assets, information, data, and IT services in an efficient manner.

Key Responsibilities:

• Develop and execute security incident response plans and cyber forensic investigations for investigating all reported security incidents.
• Develop comprehensive incident reports and investigation summaries.
• Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems.
• Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
• Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness.
• Communicate problems and solutions verbally and in written form to peers and management.
• Compliance and governance: help achieve compliance, identify compliance initiatives, and promote appropriate security policies.
• Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.
• Lead the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions.

Benefits and Perks to Help You Keep Climbing

Our culture is rooted in a shared dedication to living our values - Care, Integrity, Resilience and Servant Leadership - every day, in everything we do. At Delta, our people are our success. At the heart of what we offer is our focus on Sharing Success with Delta employees. Exploring a career at Delta gives you a chance to see the world while earning great compensation and benefits to help you keep climbing along the way:

• Competitive salary, industry-leading pro?t sharing program, and performance incentives
• 401(k) with generous company contributions up to 9%
• New hires are eligible for up to 2-weeks of vacation. This is earned for use in the following vacation year (April 1 - March 31)
• In addition to vacation, new hires are eligible for up to 56 hours of paid personal time within a 12-month period
• 10 paid holidays per calendar year
• Birthing parents are eligible for 12-weeks of paid maternity/parental leave
• Non-birthing parents are eligible for 2-weeks of paid parental leave
• Comprehensive health bene?ts including medical, dental, vision, short/long term disability and life insurance bene?ts
• Family care assistance through fertility support, surrogacy and adoption assistance, lactation support, subsidized back-up care, and programs that help with loved ones in all stages
• Holistic Wellbeing programs to support physical, emotional, social, and financial health, including access to an employee assistance program offering support for you and anyone in your household, free financial coaching, and extensive resources supporting mental health
• Domestic and International space-available flight privileges for employees and eligible family members
• Career development programs to achieve your long-term career goals
• World-wide partnerships to engage in community service and innovative goals created to focus on sustainability and reducing our carbon footprint
• Business Resource Groups created to connect employees with common interests to promote inclusion, provide perspective and help implement strategies
• Recognition rewards and awards through the platform Unstoppable Together
• Access to over 500 discounts, specialty savings and voluntary benefits through Deltaperks such as car and hotel rentals and auto, home, and pet insurance, legal services, and childcare

What you need to succeed (minimum qualifications)

• 5 years' experience with Incident Response
• Experience in a 24x7 global enterprise, preferably in the Financial industry
• SANS GIAC certifications
• Experience with cloud platforms
• Experience managing or maintaining malware analysis sandboxes
• Knowledge of malware analysis tools
• Python and/or PowerShell scripting
• Knowledge of Exabeam suite of products or other SIEM tools
• Excellent communication and interpersonal skills
• Understanding of the business and the ability to assess and address risk without negatively impacting the business
• Ability to identify and analyze malicious code
• In depth understanding of Windows operating systems
• Ability to evaluate exploit code in relationship to existing security controls

Consistently prioritizes safety and security of self, others, and personal data.

Embraces diverse people, thinking, and styles.

Possesses a high school diploma, GED, or high school equivalency.

Is at least 18 years of age and has authorization to work in the United States.

What will give you a competitive edge (preferred qualifications)

• Strong knowledge of networking technologies (TCP/IP, HTTP, SMTP, etc.)
• Strong knowledge of web application vulnerabilities and solutions
• Strong knowledge of Unix & Linux operating systems
• Strong knowledge of the functions of various security infrastructure, including firewalls,
• Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs
• Strong knowledge of web application technologies (HTML, JavaScript, etc.)
• Ability to identify vulnerabilities in networks, systems and applications using COTS tools and manual processes
• General knowledge of network and systems forensics
• In depth knowledge of incident response processes and procedures
• General knowledge of threat intelligence
• Ability to provide 24-hour on-call support on a rotating basis
• CISSP Certified

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.