Information Security Engineer 3

Overview

Conduct Incident Response Activities: Participates in security incident response efforts, managing assigned incidents through the full handling lifecycle including identification, containment, eradication, and recovery in coordination with other SOC and Security Engineering team members. Perform Detailed Incident Analysis: Analyzes host, network, and cloud telemetry to determine root cause, attack path, and impact of security events. Documents findings and maintains thorough incident records. Support Tier 2 SOC Operations: Responds to escalated alerts, security tickets, and service requests, ensuring timely investigation, documentation, and remediation of potential threats within established service levels. - Develop and Maintain Response Playbooks: Contributes to the creation, refinement, and maintenance of incident response playbooks and procedures for various threat types to ensure consistent and effective handling of incidents. Enhance Detection and Response Capabilities: Collaborates with Security Engineering teams to identify detection gaps, improve alerting logic, and drive automation within response workflows. Participate in Post-Incident Reviews and Knowledge Sharing: Engages in lessons-learned activities, tracks remediation actions, and mentors SOC analysts to strengthen incident analysis and handling capabilities.

Required Skills and Abilities

1. Developed analytical, critical thinking and problem-solving skills. Demonstrated full lifecycle security incident response experience.
2. Developed interpersonal, written, communication, presentation, and organizational skills.
3. Familiarity with systems analysis methods and techniques.
4. Project management skills.

Principal Responsibilities

1. Responsible for routine to moderately complex event and incident monitoring, threat detection and data correlation.
2. Assist with collecting potential breach evidence, participate in network and host forensic analysis, participate with incident remediation activities.
3. Meet with stakeholders to assess departments security requirements.
4. Assist in the development of security standards and best practices.
5. Research the latest information security trends and emerging threats.