Please, let Everbridge know you found this job
on RemoteYeah.
This helps us grow 🌱.
Description:
As a Sr Security Incident Response Engineer, you will support Everbridge’s Cyber Intelligence function by performing computer network defense and incident response.
You will serve as a senior technical leader in threat intelligence, security event monitoring, security incident investigation, forensic analysis, and security incident response for all Everbridge systems and data globally.
Your role will involve collaborating with other Information Services team members to enhance the overall security posture of Everbridge and protect data assets.
You will define and enhance effective security monitoring of Everbridge systems and cloud platforms globally.
You will lead incident response during known or potential security events and conduct in-depth analysis of systems and data involved in these events.
As a member of the Security Operation Center team, you will propose pragmatic security solutions, implement security best practices, and perform daily analysis of security events while maintaining security and threat situational awareness.
Requirements:
A Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or a related technical field is required.
You must have 5+ years of direct information security experience in a global IT environment.
Security certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (C|EH) are preferred.
Strong experience in an internal security operations center (SOC) is necessary.
You should have a demonstrated ability to lead security incident response teams and experience as a lead investigator of security incidents.
Strong experience with forensic analysis and forensic evidence handling is required.
Experience in implementing and monitoring threat intelligence systems is essential.
You must possess detailed functional knowledge of network technologies, including network security technologies like next-generation firewalls and web application firewalls.
Working knowledge of server technologies, including administration, virtualization, and Active Directory, is needed.
Familiarity with both Windows and Linux/Unix operating systems is required.
You should have working knowledge of cloud platforms, including AWS, GCP, and Azure.
Experience analyzing network traffic to identify anomalous activity and potential threats is necessary.
You must have experience configuring and using Security Information and Event Management (SIEM) systems for effective security event monitoring.
Experience performing event correlation using information from various sources within the enterprise is required.
You should demonstrate the ability to analyze network alerts and determine possible causes of such alerts.
Experience providing timely detection, identification, and alerts of possible attacks/intrusions is essential.
You must have the ability to analyze identified malicious activity to determine exploited weaknesses and methods.
Familiarity with tools such as Sumo Logic, Sophos, and Office 365 email security is a plus.
Proficiency in Microsoft Word, Excel, PowerPoint, Visio, and SharePoint is required, with additional experience in Microsoft Project, Access, SQL, PowerShell, or scripting being a plus.
Benefits:
Everbridge offers a dynamic work environment that empowers employees to contribute to critical event management technology.
The company promotes a culture of resilience, allowing organizations to minimize impacts and recover faster from critical events.
Everbridge is an Equal Opportunity/Affirmative Action Employer, ensuring all qualified applicants receive consideration for employment without discrimination.
Employees can expect to work in a supportive environment that values diversity and inclusion.