Security Incident Response Engineer

Remote USA | United States | North America | May 18, 2024

Predictive analytics and machine learning power Socure’s groundbreaking technology and fuel our mission to verify 100% of good identities in real time and completely eliminate identity fraud on the internet. 

Socure is the world leader in digital identity verification and fraud prevention. Our recent awards include Forbes 2022 America’s Best Startup Employers, The Forbes Cloud 100, The Deloitte Technology Fast 500, and Inc. 5000’s fastest growing companies. 

Listen to why some of the world’s top technology investors see the enormous, transformative potential in Socure’s mission and products: 

If the video doesn’t load, you can also find it here: https://www.youtube.com/watch?v=ifM9_jPQCv8  

Reporting to the Senior Manager, Monitoring and Incident Response, the Incident Response Engineer will be a key member of Socure’s security function and key partner to our Product, Engineering, and Data Science teams. In this role, you will support Socure with the security monitoring, alerting, and incident response solutions across all of our products and services.

Socure’s Security teams work hand in hand with our Product, Engineering, and Business teams to ensure the highest security around all of our services and applications. Our Monitoring and Incident Response team is responsible for 24x7x365 security monitoring and rapid incident response across all Socure environments. This team protects the confidentiality, integrity, and availability of company and customer data.  Monitoring and Incident Response drives real-time analysis of security alert data and leads the response to any potential security incidents. Team members will also work on compliance projects, and improvements to detection and incident response capabilities. We have a strong team environment where knowledge sharing is encouraged.

Responsibilities:

  • Provide operational support for all aspects of monitoring and response programs, including cloud environments and SaaS applications
  • Work collaboratively with Product, Engineering, and Security teams to stay abreast of Socure’s operating environment and ways to continually improve monitoring and response capabilities based on risk
  • Assist with tool analysis and recommendations (e.g. evaluating and selecting security products based on functional, security, and operational requirements; reviewing and commenting on implementation designs and approaches)
  • Assist with performing risk assessments and ensure threats are continually updated and monitored.  Help to manage any identified risks down to acceptable tolerance levels by working cross-functionally with technical functions and leadership teams
  • Assist with configuration and maintenance of monitoring and alerting systems, as well as identifying ways to continuously improve response processes and capabilities

Required Skills and Experience:

  • 3+ years experience performing enterprise security monitoring, incident response, and root cause analysis
  • Able to support FedRAMP-certified environments (Moderate or higher) and meet U.S. government agency requirements/eligibility
  • Working knowledge of cloud environments (AWS preferred), and technical understanding of cloud-based administration and security controls
  • Knowledge of computer operating systems (Mac OS, Linux, Windows)
  • Technical security background and understanding of network fundamentals and common Internet protocols
  • Robust technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)
  • Experience with NoSQL databases, such as Elasticsearch or Sumo Logic
  • Experience with one or more programming/scripting languages such as Python, JavaScript, Go, Java, or Rust
  • Familiarity with incident response and security operations within public cloud environments
  • Ability to drive high priority, high transparency incidents to resolution with an appropriate sense of urgency
  • Strong interpersonal and verbal/written communication skills required for coordinating responses to complex incidents with cross-functional stakeholders, including both technical and non-technical staff
  • Professional demeanor even in high stress situations
  • Excellent presentation skills, ability to concisely deliver information to executive leadership
  • Strong problem solving ability to determine solutions to encountered or anticipated challenges
  • Ability to deliver quality work products with ambitious deadlines while balancing multiple priorities
  • Availability for on-call support in a 24x7x365, fast-paced operational environment

Bonus Skills:

  • One or more of the following certifications are recommended: CISSP, CISM, GSEC, CERT CSIH, GCIH or other SANS certifications
  • “Incident Commander” or similar training/experience related to incident management and resolution best practices
  • Operational experience monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs
  • Operational experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections
  • System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise
  • Previous experience working in environments that adhere to control frameworks and/or regulatory requirements including FedRAMP, NIST CSF, HITRUST, Privacy/GDPR, CSA, etc.

Socure is all about encouraging people to push the boundaries of what’s possible through top-tier performance, innovation, ownership, and shared expertise. 

We empower excellence by providing great perks and benefits to both our fully remote employees in North America and our hybrid teams in India. 

To learn more, check out Socure’s Career Page: https://www.socure.com/company/careers

Socure is an equal opportunity employer and values diversity of all kinds at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

To learn more about how our work is changing the world, check out these articles and videos:

Socure is Forbes' 2022 Best Startup Employer: bit.ly/3fbNw8S

Socure Accelerates Onboarding for 50+ Crypto, Neobanks, and More: https://bit.ly/3dwN2K7 

Socure's Impact on Financial Inclusion: https://www.youtube.com/watch?v=Y6nBc6s1wsU 

Socure's Impact on Fraud Prevention: https://www.youtube.com/watch?v=M46UG8QyKe4 

Archives & Press Releases: https://learn.socure.com/about/press-release
