Consultant - Incident Response | Remote, CAN at Optiv

Toronto, Ontario, Canada

Compensation: Not Specified
Experience Level: Mid-level (3 to 4 years), Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity

Requirements

  • Bachelor's degree and approximately 2-5 years of related work experience
  • Approximately 2-5 years of technical architecture experience
  • Prior experience performing Incident Response, including Containment and Isolation, Forensics, Root Cause Analysis, and/or Elimination and Remediation, for enterprise-level organizations
  • Ability to travel 25-40% of the time to client sites
  • Ability to respond onsite in a 24/7/365 environment; willingness to work evening, overnight, and weekend/holiday hours
  • Proficiency with commercial and open-source security tools (e.g., EnCase, FTK, X-Ways, Splunk, ELK, EZ Tools)
  • Familiarity with network architectures, network services, system types, network devices, development platforms, and software suites (e.g., Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET)
  • Familiarity with Endpoint Detection and Response (EDR) products (e.g., SentinelOne, Carbon Black, CrowdStrike)
  • Ability to combine multiple separate findings to identify complex attacks and incidents
  • Ability to manually collect relevant data sources during an incident
  • Ability to identify, describe, and report threat vectors and forensic artifacts
  • Demonstrated ability to create comprehensive incident reports
  • Ability to convey complex technical security concepts to technical and non-technical audiences, including executives
  • Ability to work both independently and on teams
  • Willingness to collaborate and share knowledge with team members
  • Proven ability to review and revise reports written by peers
  • Demonstrated effective time management skills, with the ability to balance multiple projects simultaneously and take on large and complex projects with little or no supervision
  • Must be able to work well with customers and self-manage through difficult situations, focusing on client satisfaction
  • Preferred: Passion for creating tools and automation to make common tasks more efficient
  • Preferred: Knowledge of programming and scripting for development of security tools
  • Preferred certifications: GIAC Certified Forensics Examiner (GCFE), GIAC Certified Incident Handler (GCIH), EC-Council Certified Incident Handler (ECIH), Certified Computer Forensics Examiner (CCFE)

Responsibilities

  • Perform complex digital investigations including Zero Day Exploitation, Business Email Compromise, Unauthorized Access, Sensitive Data Exposure, Insider Threat, Malware Analysis, and Threat Hunting
  • Work both independently and as part of a team
  • Contribute to the development and continuous improvement of the Enterprise Incident Management (EIM) practice through team and industry contributions

Skills

EnCase
FTK
X-Ways
Splunk
ELK
EZ Tools
Linux
Windows
Cisco
Oracle
Active Directory
JBoss
.NET
SentinelOne
Carbon Black
CrowdStrike

Optiv

Cybersecurity advisory and solutions provider

About Optiv

Optiv helps businesses manage and reduce cyber risks by providing advisory services and solutions tailored to their specific needs. Their services cover the entire cybersecurity lifecycle, including strategy development, technology validation, and implementation of security measures. They serve nearly 6,000 clients across various industries, such as retail, manufacturing, and healthcare, ensuring that sensitive information is protected and digital systems remain secure. Unlike many competitors, Optiv focuses on customized solutions and ongoing support, adapting to the evolving cybersecurity landscape. Their goal is to empower organizations to secure their operations effectively and prepare for future challenges in technology, such as AI and IoT.

Headquarters: Denver, Colorado
Year Founded: 2015
Total Funding: $12M
Company Stage: ACQUISITION
Industries: Cybersecurity, AI & Machine Learning
Employees: 1,001-5,000

Risks

Rising competition from AI-driven cybersecurity firms like Secuvy.
Complexity in managing numerous cybersecurity tools may hinder effectiveness.
Meeting Zero Trust compliance deadlines requires significant investments.

Differentiation

Optiv offers comprehensive cybersecurity solutions tailored to diverse industry needs.
The company excels in Zero Trust architecture implementation for federal agencies.
Optiv's Future Point initiative explores AI, quantum computing, and IoT impacts.

Upsides

Optiv's AI Security Services enhance innovation and efficiency for clients.
Recognition as a leader in IDC MarketScape boosts Optiv's consulting credibility.
Increased cybersecurity budgets reflect growing demand for Optiv's services.
