
Incident Response Engineer

Ready to further your career in the fast-paced, exciting world of cyber security?

About Us

The unicorn company Arctic Wolf was founded in the USA in 2012 and is a leader in security operations in an exciting and fast-growing industry - cybersecurity. Our commitment to customer and employee satisfaction, combined with a stable track record characterised by doubling our sales and employee numbers for five consecutive years, has made us an industry leader. In April 2021, we decided to expand globally with the goal of providing companies worldwide with first-class protection. Arctic Wolf is therefore a global leader in security operations, delivering the first cloud-native security operations platform to end cyber risk. Powered by threat telemetry spanning endpoint, network, and cloud sources, the Arctic Wolf® Security Operations Cloud ingests and analyses trillions of security events each week to enable critical outcomes for most security use cases. The Arctic Wolf® Platform delivers automated threat detection and response at scale and empowers organisations of any size to stand up world-class security operations with the push of a button.

Our mission is simple! End cyber risk!

Position Overview and Objective

An Incident Response Engineer can handle incidents independently but may frequently need second opinions from more senior team members and may need assistance on larger cases. While this is still a client-facing role, the engineer will less often run a case from start to completion on their own.

Primary Responsibilities and Duties

Digital Forensics

Perform digital forensic functions including but not limited to host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).

Process collected data and conduct defensible data acquisitions through in-depth analysis.

Preserve and analyse data from electronic data sources and systems including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.).

Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.

Be able to determine the root cause, find persistence mechanisms, and find all actions of the threat actor in most incidents.

Participate in incident response engagements to guide clients and/or junior team members through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.

Record detailed data for each incident that can be used in threat research and marketing initiatives.

Restoration

Ability to rebuild servers and workstations.

Ability to restore servers from nearly any backup system.

Assist with decryption of data when needed.

Ability to recreate hypervisor environments and manage virtual servers.

Client and Partner Management

Provide support on incident response engagements in collaboration with the Team Lead and Engagement Manager leading the engagements to guide clients’ containment, remediation, restoration, and forensic investigations.

Provide long-term security recommendations that are well thought out and specific to the incident that the client experienced.

Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.

Be able to lead an engagement solo from start to finish when needed.

Be able to bring calm to escalated situations.

General

Participate in weekday escalation on-call schedule.

Participate in weekend on-call schedule.

Participate in holiday on-call schedule.

Contribute towards R&D projects, such as tools, techniques, and threat research projects.

Contribute to marketing initiatives.

Our values: At Arctic Wolf, we cultivate a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures and ideas to make our teams even stronger as we grow globally. We were named one of the 50 most innovative companies in the world (Fast Company) - and the second most innovative security company. Other awards include Top Workplace USA, Best Places to Work - USA, Great Place to Work - Canada and of course Kununu "Top Company" in Germany. Arctic Wolf is an equal opportunity employer and we consider applicants for employment without regard to race, color, religion, gender, orientation, national origin, age, disability or genetics. Arctic Wolf is committed to creating a welcoming, accessible, respectful and inclusive environment that provides equal access and participation for people with disabilities. Therefore, we strive to make our entire employee experience as accessible as possible and, wherever possible, provide necessary accommodations to applicants and employees with disabilities and/or other specific needs. Come and join our pack during this exciting time of rapid growth, where every employee makes a difference, contributions are recognised and many exciting development opportunities arise. Have we sparked your interest? Then send us your CV and also your references.

Come join the Pack during this exciting time of rapid growth where every employee makes a difference and their contributions are recognized and rewarded.
