Security Incident Response Engineer
Job Requisition ID: 21WD52739
We are open to hiring this position remotely to anyone in the United States.
Position Overview:
The Incident Response Engineer is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analyzing, triaging, and reporting on these incidents and investigations. The Incident Response Engineer develops, leads, and monitors the incident process and provides preventive, detective, and investigative recommendations and controls. The candidate must have knowledge of system security design and network/cloud security best practices, and in-depth knowledge of systems security operations, threat actors' frequently used attack vectors, and general user behavior analytics. This position will work closely with the threat hunting and intelligence team to execute the strategic vision for the department and assist in maturing our overall IR plans and policies in our systems and networks.
Job Responsibilities:
- Investigate incidents and respond to endpoint, network, and cloud security incidents promptly to mitigate damage or restore service.
- Review, identify, and triage security alerts and notifications sent by third parties or outside researchers, perform risk analysis on them, and respond.
- Provide regular and frequent review and analysis of IDS/IPS/firewall logs and other monitoring systems.
- Lead and complete small to medium-sized projects as directed by the incident response manager, including all tasks and deliverables.
- Develop content to improve detective capabilities in the Security Information and Event Management (SIEM) tool.
- Create playbooks and checklists for knowledge sharing, or produce reports of findings, incident summaries, and post-mortems.
- Perform the detection, identification, and reporting of possible network intrusions, anomalous activities, and misuse activities.
- Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and AWS logs to identify, contain, and eradicate malicious code and ensure recovery from incidents.
- Analyze a large volume of security event data from a variety of sources with the goal of identifying suspicious and malicious activity.
- Create tickets and incident-reporting metrics, dashboards, and scorecards in our security orchestration and automation platform.
Basic Qualifications:
- Participation in a periodic on-call rotation, which may involve non-traditional working hours.
- Bachelor's degree in Computer Engineering, Electrical Engineering, Systems Engineering, or Computer Science, or demonstrated equivalent experience.
- 3-5 years of specialized experience in incident response, cyber investigations, intrusion detection, or similar fields.
- Strong understanding of information security architecture, mitigation of threats, and compensating controls.
- Experience performing data collection, incident response and forensics, and post-mortem reports in cloud environments, especially AWS.
- Security certifications, including but not limited to the following (preferred, not required): CISSP, GCFA, GNFA, GCIA, and/or GCIH.
- Solid skills with scripting languages (Python, shell scripting, PowerShell, JavaScript, etc.).
- Communication skills, creative thinking, willingness to learn and acquire new skills, and the ability to positively engage with multiple stakeholders and engineering teams.
- Experience in a 24x7 security operations team is preferred but not required.
At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law.
Are you an existing contractor or consultant with Autodesk? Please search for open jobs and apply internally (not on this external site). If you have any questions or require support, contact Autodesk Careers.