Incident Response Engineer
Newark, CA US
Our OEM client is looking for an experienced, hands-on Incident Response Engineer who has the ability to work with our connectivity team and help the team develop stable software. This is a contract role currently budgeted for 6 months with a pay rate of $55.42 - $76.21. In this role, you will serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls.
Key Domain Areas of Work:
- Perform incident detection, investigation and response for the Automotive Security Operation Center.
- Develop Standard Operating Procedures and Incident Response Plans for the Automotive Security Operation Center.
- Perform deep-dive investigations and research, and recommend improvements in detection capabilities accordingly.
- Conduct tabletop exercises with Automotive SOC stakeholders and recommend changes and improvements in security processes and technologies.
- Perform Incident Reviews, document the findings and ensure remediations are reviewed and taken care of.
- Collaborate with different teams such as Software, IT Security, Safety and other teams to implement and improve automotive security posture.
- Perform Reverse Engineering, Malware Analysis and Threat Hunting.
- Provide mentorship to junior team members.
- Work closely with the larger Automotive Cyber Security team to enhance security processes and technologies.
Bachelor’s or Master’s in Computer Science, Information Technology, Cybersecurity or any equivalent degree.
Minimum 6-8 years of direct experience in an Information Security analyst role.
Professional experience in incident detection and response, malware analysis or reverse engineering.
Minimum of 3-4 years of experience working in Tier 2 or Tier 3 SOC environments performing security incident investigation and security incident response.
Knowledge of Vulnerability Assessment processes and tools is a plus.
Experience with SIEM tools (e.g., Splunk, LogRhythm).
Experience with host and network monitoring and security tools.
Familiarity with Threat Intelligence tools and technologies.
Proven ability to perform data analysis, incident investigations and root cause analysis.
Experience with developing Standard Operating Procedures and Incident Response Plans.
Good understanding of cybersecurity frameworks such as the SANS and NIST cybersecurity frameworks.
Proven ability to leverage the MITRE ATT&CK framework for implementing Security Monitoring controls.