Detection and Response Engineer
Here we have an opportunity with one of the finest data-driven investment management firms. The Detection and Response (D&R) Engineer will be responsible for helping develop the vision for a modern detection and incident response security program and executing on that vision to deliver the required capabilities. They will focus on understanding threats to the firm's environments; researching, developing and implementing technical controls that detect malicious and anomalous activity; and automating responses that restrict or slow attacker progression. This is a hands-on role, and scripting and automation experience is required.
- Design, implement and administer various security technologies as they relate to detection and response. These include, but are not limited to:
- SIEM, alerting, automation and playbook development
- Threat intelligence integrations
- InfoSec tools that provide additional detection signals and capabilities
- Anomaly detection and user and entity behaviour analytics
- Act as incident owner during security incidents
- Secure architecture designs for both on-premises and cloud environments
- Assess logging infrastructure in order to determine capability gaps
- Automate detection and response processes using commercial and/or custom built tools
- Report on actionable metrics regarding detection and response
- Execute detection and response testing and develop frameworks to measure detection and response efficacy
- Evaluate, design and implement security solutions to improve the confidentiality, integrity and/or availability of the firm’s intellectual property and systems, as needed in various projects
- Assist in the creation or modification of forward-thinking security policies and procedures as needed
- 3+ years of security engineering experience and 3+ years of scripting/automation experience
- Experience automating security activities, such as incident response actions, configuration changes, and threat hunting
- Strong understanding of both security and network fundamentals and protocols
- In-depth knowledge of Windows and Linux security best practices
- Familiarity with web application exploits and effective detection capabilities
- Proficient in automation or scripting using a high level language. Python or PowerShell preferred.
- Excellent written and verbal communication skills
- Strong team player, but can work independently with minimal oversight when required
- Financial Services industry experience is a plus
- BS in Computer Science, Electrical Engineering, Information Systems, or related area