Job Description
IT Security Engineer
Summary:
Savers is seeking a self-driven, highly motivated, and experienced cybersecurity professional to fill the role of IT Security Incident Response Analyst on the Savers IT Security Team. This position reports directly to the Sr. Manager, IT Security.
The ideal candidate will have a thorough understanding of basic cybersecurity concepts and how to apply those concepts to systems and applications. They will also understand how systems, networks, cloud infrastructure, and applications interact to enable effective cyber incident response and threat hunting. They will be highly effective in communicating concepts, processes, and ideas in a thoughtful and organized manner. They will be able to effectively use critical thinking and analysis skills to aid them in investigating an incident or providing support for a project or initiative. Finally, they will have an insatiable curiosity and desire to dig in and thoroughly explore an incident or issue they have been tasked with.
Essential Job Functions:
- Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team to resolve issues.
- Proactively hunt for threats and carry out identification, containment, and eradication measures while supporting recovery efforts.
- Assist in the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
- Act as a subject matter expert, providing insight and guidance to colleagues engaged in prevention measures.
- Analyze cybersecurity incidents to resolve issues and improve incident-handling procedures.
- Receive Tier 2/3 incident escalations from detection operations and assist with real-time, continuous (24x7) security event monitoring, response, and reporting.
- Proactively coordinate with the appropriate departments during a security incident: Client Services, Infrastructure, Engineering, Application Services, and IT Security.
- Conduct research on the latest methods, tools, and trends in digital forensics analysis.
- Create thorough reports and documentation of all incidents and procedures; present findings to the team and leadership on a routine basis.
Required Knowledge, Skills, and Abilities:
- Must have a deep understanding of computer intrusion activities, incident response techniques, tools, and procedures.
- Must have thorough knowledge of and hands-on experience with SIEM technologies. Experience with Azure Sentinel a plus.
- Knowledge of information security risk management frameworks and compliance practices.
- Knowledge of securing network technologies, client, and server operating systems.
- Experience responding to, analyzing, and communicating information security incidents.
- Experience coordinating security incident response efforts with a goal of containing and remediating incidents.
- Understanding of common security standards and regulations.
- Thorough knowledge of digital forensics methodology as well as security architecture, system administration, and networking (including TCP/IP, DNS, HTTP, FTP, SMTP, UDP, etc.)
- Knowledge of operating systems including Linux, Windows, and MacOS
- Experience with programming and query languages such as Python, C/C++, C#, JavaScript, PowerShell, KQL, etc.
- Excellent written and verbal communication skills.
- Excellent organization, time management, and attention to detail.
- Must have working knowledge of ITIL-based service delivery principles and best practices and be able to apply those practices to drive effective cyber incident handling.
- Must be action-oriented and have a proactive approach to solving issues.
- Ability to work individually and as part of a team.
Minimum Required Education, Training and Experience:
- 5+ years of related experience, including 2 years of incident handling as a member of an IT help desk or Security Operations Center.
- 1-2 years of malware analysis experience.
- Associate's or bachelor's degree in computer science, cybersecurity, or a related field is a plus.
- CompTIA Security+ at a minimum.
- Other industry-relevant certifications are a plus (e.g., CISSP, CySA+, Network+, CASP+, PenTest+, CEH, ITIL, etc.).
Physical Requirements:
- Ability to lift and carry up to 25 lbs.
FLSA Status
Tools and Equipment Used:
- Standard office tooling, O365, Visio
- Laptop or desktop computer
- Telephone
Travel:
Work Address:
- Boise SSC: 205 E. Watertower Ln. Meridian, ID 83642
- Remote – 75%