Cyber Incident Response Engineer II jobs in United States
cer-icon
Apply on Employer Site
company-logo

Lifetime Benefit Solutions, Inc. · 1 day ago

Cyber Incident Response Engineer II

positionUSA
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$110K/yr - $198K/yr
date5+ years exp

Lifetime Benefit Solutions is seeking a Cyber Incident Response Engineer II to play a critical role in detecting, investigating, and responding to cybersecurity threats across the enterprise. The engineer will support security operations through proactive threat hunting, tool development, forensics, and containment while collaborating across various security technologies.

Information TechnologyInsurance
check
Comp. & Benefits

Responsibilities

Designs, implements, and conducts the operation of IR operations tools including logging, SIEM, EDR, UEBA, SOAR etc
Evaluates and proposes new security solutions for IR operations
Investigates and presents recommendations to the security manager and various levels of management regarding protection of computing resources and information assets
Builds & updates playbooks/SOAR automations, etc
Assists with monitoring escalations from analysts and provides technical input during investigations
Performs proactive threat hunting to identify potential threats or anomalous behavior
Leverages MITRE ATT&CK framework to provide security monitoring recommendations and improvements
Participates in rotation of 24/7/365 on call coverage
Leads tactical project initiatives including design of solutions in conjunction with management and other cyber defense team members
Assists in the operational support for security technologies in defense against modern cybersecurity threats
Responds to requests within defined SLAs relating to various information security systems, programs, and processes
Enforces information security policies, standards, and procedures and investigates possible security exceptions
Assists in the execution of HIPAA, MAR, PCI, and COBIT compliance activities
Consults on the integration of cyber defense tools and appropriate controls into new and existing systems and applications
Assists in internal and external audits, self-assessments, and risk reviews for security processes
Hardens the operational security ecosystem and evolve mitigation techniques through ongoing threat intelligence assessment
Participates in incident response activities, including containment, triage, and root cause analysis
Research, design and integrate new operational security solutions with an emphasis on solutions that aligns with overall cybersecurity strategy
Consistently demonstrates high standards of integrity by supporting the Lifetime Healthcare Companies’ mission and values, adhering to the Corporate Code of Conduct, and leading to the Lifetime Way values and beliefs
Maintains high regard for member privacy in accordance with the corporate privacy policies and procedures
Regular and reliable attendance is expected and required
Performs other functions as assigned by management
Acts as a technical lead and provides mentoring, training, and technical support to engineers and analysts
Hardens security ecosystem and evolves mitigation techniques through ongoing threat intelligence assessments
Serves as the technical escalation point for complex incidents and operational challenges
Designs and leads threat hunting engagements and proactively identifies advanced threats
Leads the blue team side of purple team exercises to validate and improve detection and response capabilities. Leads cyber defense incident response activities end to end
Performs as the subject matter expert for more than three information security technology, processes, and practices internally to the Health Plan
Provides advanced technical expertise and process improvement support
Designs and implements automated solutions for common security administration tasks

Qualification

Cybersecurity incident responseThreat huntingMITRE ATT&CK frameworkSecurity operations toolsCloud infrastructure servicesNetwork securityIdentityAccess managementEndpoint protectionSecurity automationProcess improvementTechnical supportWork directionCISSP certificationCISA certificationCISM certificationAdvanced communication skillsOrganization skillsTechnical mentoring

Required

Five (5) years of related work experience
Bachelor's degree in computer science, information technology, or relevant field. In lieu of degree, six (6) cumulative years of related experience are required
Strong knowledge of several concepts and/or tools listed: Cloud infrastructure services, including IaaS, PaaS, and SaaS models
Intermediate knowledge of network and application security, including firewalls and web application firewalls (e.g., Palo Alto Networks, Imperva)
Experience and knowledge of identity and access management systems, including Active Directory, Entra ID, LDAP, and various authentication protocols
Knowledge of endpoint protection and antivirus solutions
Demonstrated experience identifying malicious actors, TTPs, and using the MITRE ATT&CK framework
Experience using IDS/IPS and/or related tools
Knowledge with cloud-native security solutions for multi-cloud environments, such as SIEM, CSPM, threat detection, compliance enforcement, and governance frameworks
Security incident response experience
Demonstrated experience with common query techniques including Kusto query language and Python
Advanced communication skills with the ability to present clear and concise information to all levels and technical abilities
Excellent organization and multi-tasking skills
Eight (8) years of related work experience with and strong knowledge of all concepts and/or tools listed above (under Level I)
Experience in evaluating security software packages and systems
Experience with security automation, including associated playbooks, reporting and notification
Knowledge of network regulations, industry standards and operational constraints of networks systems
Experience providing work direction for one or more individual's specific projects and initiatives

Preferred

Hands on experience with the following operating systems preferred: Windows, and UNIX (Linux, AIX, Solaris, etc.)
CISSP, CISA, CISM or other relevant security certification, or equivalent experience, and knowledge preferred

Benefits

Participation in group health and/or dental insurance
Retirement plan
Wellness program
Paid time away from work
Paid holidays

Company

Lifetime Benefit Solutions, Inc.

twittertwitter
company-logo
Lifetime Benefit Solutions is an insurance company offering lifetime benefit solutions.
dateFounded in 1981
location
Syracuse, New York, USA
people-size201-500 employees
web-link
http://lifetimebenefitsolutions.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Scott Ehrlinger, MBA, CMA
Strategic Partnerships Manager
linkedin

Recent News

Rochester Business Journal
Lifetime Benefit Solutions introduces student loan repayment benefit
2022-10-25
cnybj.com
Mooney named president at Lifetime Benefit Solutions
2022-01-04
Company data provided by crunchbase