Incident Response Engineer Job Description Template
Our company is looking for an Incident Response Engineer to join our team.
Responsibilities:
- Track and report on vulnerability remediation efforts;
- Reproduce exploits and attacks to analyze adversary Tactics, Techniques, and Procedures and generate new signatures to enhance detection capability;
- Identify, track, and report on emerging threats to Geotab’s security, products, and customers;
- Assist in developing mitigation and remediation steps and Incident Response programs;
- Escalate incidents internally and according to protocol, to ensure all necessary parties are informed and actively engaged where necessary;
- Help determine security risk to Geotab by quantitatively evaluating risk using industry standard metrics (such as CVSS);
- Provide regular reporting back to Security Management team;
- Ensure that Geotab’s compliance requirements are met (i.e., NIST 800-53);
- Develop Big Data skills to leverage data to improve monitoring;
- Support Engineering teams to provide in-depth technical analysis of security issues;
- Prioritize and coordinate case-specific response activities, driving timely and appropriate remediation of issues.
Requirements:
- Experience using Splunk, QRadar, or other SIEM tools is a huge asset;
- Experience with Python, PowerShell, Bash, and SQL;
- Professional certifications such as CEH, GIAC, GCIH, GWAPT, GPEN, OSCP, or OSCE are highly regarded;
- Bachelor’s degree in Computer Science or a related field of study.