200+ applicants

Company

Converge Technology Solutions Corp. · 2 days ago

Cybersecurity IR Engineer (remote)

United States

Full-time

Remote

Mid Level

3+ years exp

Maximize your interview chances

Information TechnologyInternet

H1B Sponsor Likely

Insider Connection @Converge Technology Solutions Corp.

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Regularly monitor IR queues and assign tickets based on your area of expertise.

Triage and resolve tickets using QuickBooks and collaborate with team members as needed.

Conduct proactive threat hunts by developing hypotheses based on client specific threats and vulnerabilities.

Create and update IR QuickBooks (runbooks) informed by your experience with detection use cases.

Participate in required meetings and collaborate on addressing critical issues.

Develop subject matter expertise (SME) in one or more security technologies.

Assist with the IR content migration from Splunk Ad-Hoc to Splunk ES (Enterprise Security).

Maintain a comprehensive understanding of the CrowdStrike environment to manage tasks such as: Assessing the impact of recent CrowdStrike release notes and technical alerts, and implementing changes in accordance with client change management policies.

Creating and modifying Fusion workflows to enhance IR operational efficiency.

Developing and updating custom IOAs to detect specific threats relevant to client.

Possess a basic understanding of the Splunk environment and the ability to: Use SPL (Search Processing Language) proficiently.

Create and modify saved searches tailored to IR operational needs.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Incident ResponseCrowdStrikeSplunkSPL (Search Processing Language)Cybersecurity CertificationsTechnical AlertsFusion WorkflowsThreat HuntsDetection Use Cases

Required

3+ years of experience in a professional cybersecurity capacity

2+ years of experience working within Incident Response

Hands-on experience with Crowdstrike is required

Hands-on experience with Splunk is required

Preferred

Crowdstrike & Splunk certifications are a big plus

Defensive & Response cybersecurity certifications via SANS are a big plus

Benefits

Healthcare benefits

401k match

Company stock match program

PTO/holiday

Training/development

Company

Converge Technology Solutions Corp.

Converge Technology Solutions is a services-led, software-enabled, IT & Cloud Solutions provider focused on delivering industry-leading solutions.

Founded in 2017

Toronto, Ontario, CAN

1,001-5,000 employees

https://www.convergetp.com/

H1B Sponsorship

Converge Technology Solutions Corp. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (5)

2022 (7)