SANS ISC: InfoSec Jobs

Security Incident Response Engineer
Company: Jackson
Location: Lansing, MI
Preferred GIAC Certifications: GCIH, GCFE, GCFA
Travel: 5%
Salary: Not provided
URL: https://jackson.wd1.myworkdayjobs.com/en-US/Jackson_Careers/job/Lansing-MI/Security-Incident-Response-Engineer_REQ-00986
Contact Name: Brandon Hladysh
Contact Email: brandon.hladysh/at/jackson.com
Expires: 2021-11-07

Job Description

The Security Incident Response Engineer is a member of the Jackson Information Security and Privacy (JISP) Security Incident Response Team (SIRT) and will be responsible for conducting incident and forensic investigations. They will be responsible for collecting, preserving, analyzing, and presenting evidence in support of investigations.

Job Duties

Identifies, investigates, and responds to threats.
Conducts host and network forensic investigations across a range of environments, including log analysis and malware triage in support of incident response investigations.
Collects additional context using Threat Intelligence and Security Operations Center data in support of investigation and analysis.
Creates actionable after-incident reports for Security management and technical teams.
Reports and trends cyber incident activity.
Provides subject matter expertise for SOC staff.
Maintains incident response operating procedures and documentation and updates them as needed.
Works with other areas of the company, finding common ground to ensure a smooth Security incident response process.
Supports projects that drive continuous improvement of the Incident Response program.
Ability to work outside of normal working hours as required due to pending incidents or emergency calls.


Knowledge, Skills and Abilities

Security Incident Response methodologies and frameworks that include chain of custody for forensics investigations.
Experience investigating with a wide variety of detective technologies such as SIEM, SOAR, packet capture analysis, host forensics, and memory analysis tools.
Understanding of threat landscape in terms of the tools, tactics, and techniques of attacks.
Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and Macintosh.
Understanding of Security Incident Response techniques in cloud environments (SaaS, PaaS, IaaS).
Scripting including Python, PowerShell and batch/shell/bash scripting.
Correlate data from multiple sources to identify incidents and events of interest.
Ability to effectively communicate technical and non-technical issues both verbally and in writing.
Excellent analytical and problem-solving skills.
Effective interpersonal skills.


Qualifications

Bachelor's Degree and/or equivalent experience required.
3+ years Information Security experience required.
Certification in Incident Response and/or Forensics is such as .
GCIH (GIAC Certified Incident Handler).
GCFE (GIAC Certified Forensic Examiner).
GCFA (GIAC Certified Forensic Analyst).


This posting is for a job with PGDS (US ONE) LLC, a subsidiary of Jackson National Life Insurance Company.

We don't just accept difference - we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Jackson is proud to be an equal opportunity workplace. The Company subscribes to and endorses federal and state laws and regulations relating to equal employment opportunity for all persons without regard to race, color, religion, gender, age, national origin, legally-recognized disability, marital status, legally-protected medical condition, citizenship, ancestry, height, weight, sexual orientation, veteran status, or any other factor not related to the needs of the job. The Company is committed to a policy of equal opportunity. Company facilities and campuses are tobacco-free environments.