about 13 hours ago
Responsibilities
- Act as the primary Incident Lead during high-severity events.
- Drive the end-to-end response lifecycle including triage, containment, and post-incident analysis.
- Build and design automated workflows using Tines to improve incident response efficiency.
- Manage detection rule lifecycles with CrowdStrike EDR and SIEM/SOAR capabilities.
- Monitor data risks across endpoints and advocate for fixes in IAM and vulnerability management.
- Partner with infrastructure owners to ensure secure system deployments.
- Evaluate and design response strategies for emerging security threats.
- Participate in the scheduled Incident Response on-call rotation.
Requirements
- 5+ years of experience in Incident Response, SOC, or Security Engineering.
- Strong familiarity with the MITRE ATT&CK framework and modern adversary tactics.
- Proven experience managing detection logic within CrowdStrike Falcon or equivalent.
- Excellent leadership skills and ability to communicate technical risks clearly.