Location
Honolulu, HI, United States
Posted on
Jul 20, 2021
Profile
Description
The Senior Incident Response Engineer will be part of a dynamic, growing team, hunting for and responding to cyber incidents stemming from internal and external threat actors. The Senior Incident Response Engineer shall provide Tier 3 services, which is coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for cyber incidents.
Responsibilities
Do you want to be a part of a team of security engineers investigating computer crimes and breaches? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises whether in the data center or in a multi-cloud environment? Humana is looking for a Senior Incident Response Engineer that has a winning combination of hands-on technical skills, strong knowledge of NIST Kill Chain and MITRE ATT&CK, and an understanding of the evolving threat landscape.
Responsibilities:
Participate in security events and incidents, with a focus on incident response and forensics in accordance with our incident response plan.
Perform detection, analysis, and containment of an incident in both on premises and cloud.
Determines and identifies severity and impact and assigns appropriate priorities to all events and incidents
As a member of the core incident response team, coordinates with Privacy, Compliance Investigations, Corporate Security, and others as warranted
Utilize Humana acquired technologies to conduct large-scale investigations and examine host and network-based sources of evidence.
Analyze message headers and identify actionable indicators for remediation.
Analyze logs from SIEMs using SPLUNK or SENTINEL, and other sources and be able to identify unauthorized activity.
Perform traffic and port scan during an incident investigation.
Use security tools including IDS, IPS, firewalls, proxies, Web Application Firewall (WAF), etc., to triage events that may lead to incidents.
Collaborate with forensic analysts and other analysts, law enforcement officers, and legal experts to recommend methods and procedures for recovery, preservation, and presentation of computer evidence.
Proficiency analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other event/incident artifacts using SPLUNK or SENTINEL in support of incident investigations.
Ability to act as the incident quarterback and/or lead investigator.
Assists with post-incident activities
Recommend and document specific counter-measures and mitigating controls.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Improve Humana's business processes and incident response methodologies.
Regularly interacts with leadership and customers
Required Qualifications
Bachelor's or Master's degree in a technical field
Minimum 5 years of information security experience
Possess one cybersecurity certification, such as:
GIAC Certified Incident Handler (GCIH)
GIAC Certified Enterprise Defender (GCED)
GIAC Certified Forensic Analyst (GCFA)
Technical expertise in at least three of the following areas:
Windows disk and memory forensics
Cloud Operations and Engineering
Network Security Monitoring (NSM), network traffic analysis, and log analysis
Unix or Linux disk and memory forensics
Static and dynamic malware analysis
NIST Kill Chain
MITRE ATT&CK
Applied knowledge in at least one scripting or development language (such as Python)
Understanding of enterprise security controls in Active Directory / Windows environments
Highly experienced with the installation and configuration of firewalls, intrusion detection systems, anti-virus software, and vulnerability scanning systems.
Must be passionate about contributing to an organization focused on continuously improving consumer experiences
Preferred Qualifications
Master's Degree in a Technical Field
Security Certification
Additional Information
Prior training and public speaking experience
Ability to exercise emotional intelligence and situational awareness.
Strong interpersonal communication skills.
Willingness to travel up to 10%
Scheduled Weekly Hours
40
Company info
Sign Up Now - EngineeringCrossing.com