What are the responsibilities and job description for the Principal Security Engineer - Incident Response position at The Phoenix Group?
As a member of the Intelligence, Detection and Response (IDR) team, you will be trusted to protect corporate and production infrastructure. The Detection and Response Engineer will play a crucial role in creating and maintaining comprehensive threat detection mechanisms to identify malicious activity across a wide array of information systems and attack vectors at various stages of the attack lifecycle. You will play an active role in the investigation of security incidents, own containment and eradication efforts, and drive process improvement and automation to create efficiencies.
Responsibilities
- Collaborate with cybersecurity team members to develop robust detection use cases that address current and emerging security threats.
- Create and implement detection logic leveraging multiple signal sources while mapping to industry-standard frameworks to ensure alignment to relevant TTPs.
- Assist in the triage and response to security events, utilizing SOAR, EDR, and SIEM tools in a cloud-forward environment to mitigate threats and minimize impact.
- Participate in an on-call rotation to ensure prompt response to after-hours security incidents and emergencies.
- Plan and execute threat hunting activities to proactively identify and mitigate potential threats before they impact the organization.
- Develop and implement SOAR automation workflows to streamline response activities and improve efficiency in threat detection and mitigation.
You'll Need to Have
- Experience handling cybersecurity incidents, preferably within cloud-first environments.
- Experience creating and managing effective and efficient detection capabilities in SIEM, SaaS, SOAR or other relevant platforms.
- Hands-on experience building detection logic for cloud environments (AWS, Azure, GCP).
- Demonstrated ability in threat hunting and developing and implementing SOAR automation.
- Ability to develop code for task automation in common scripting languages such as Python, PowerShell and Bash.
- Excellent analytical and problem-solving skills, with the ability to think critically and act decisively in high-pressure situations.
- Strong communication skills, capable of effectively articulating technical concepts to both technical and non-technical stakeholders.
Salary: $250,000 - $300,000