Information Security Engineer 4 - Senior Incident Handler
Overview
- Serve as Senior Incident Handler: Acts as a senior escalation point for complex or high-impact incidents, supporting the SOC Associate Director in managing incident flow, prioritizing response efforts, and ensuring consistent, effective incident handling across the SOC.
- Perform Advanced Incident Analysis: Performs and reviews complex investigations, correlating host, network, cloud, identity, and application data to determine root cause, attack path, and impact of security events. Ensures high-quality documentation and investigative rigor.
- Drive Incident Response Process Maturity: Leads the evolution of incident response playbooks, workflows, and automation to improve consistency, efficiency, and effectiveness across a wide range of threat scenarios.
- Enhance Detection and Response Enablement: Partners with the Security Engineering team to identify response gaps, inform detection improvements, and advance automation that improves incident handling and operational effectiveness.
- Provide Technical Leadership and Mentorship: Provides senior-level technical guidance and mentorship across SOC operations, strengthening investigative skills, decision-making, and overall incident response capability.
- Lead Post-Incident Reviews and Knowledge Sharing: Facilitates lessons-learned activities, drives remediation tracking, and ensures insights from incidents are incorporated into detection improvements, response processes, and analyst development.
- Support Threat Intelligence and Readiness Activities: Translates emerging threats into actionable incident response improvements and participates in tabletop exercises and SOC readiness assessments.
Required Skills
- Well-developed analytical, critical thinking and problem-solving skills.
- Well-developed interpersonal, written, communication, presentation, and organizational skills.
- Proven ability to lead and manage staff.
- Proven ability to manage multiple or complex projects, meeting deadlines and budget.
- Expert knowledge of commonly used concepts, practices, and procedures.
Principal Responsibilities
- Actively develop solutions to detect and prevent network intrusions.
- Serve as lead for moderately complex risk assessments.
- Manage the development and implementation of action plans.
- Oversee the periodic assessment of systems.
- Participate in the development of program control processes to ensure risk mitigation.
- Develop and deliver information security training material.
- Provide guidance to and may supervise level 1-3 analysts.
- Research the latest information security trends and emerging threats.
Required Education and Experience
Bachelor's Degree and seven years of experience or equivalent education and experience.