Security Engineer (Remote) Jobs

Why This Role is Exciting

The AuditBoard Security Team is responsible for protecting our customer's audit program, so the audit program can be used to secure their enterprises.

AuditBoard is looking for a passionate and experienced Security Engineer (Incident Response Engineer) who will be responsible for incident response, threat hunting, and detections engineering to protect and maintain the overall security of the enterprise. The incident response engineer will design enhancements to cloud and container security baselines, configure cloud security assessment tool(s), analyze results, identify meaningful threats, and recommend remediation actions.

Key Responsibilities

• Assist with other Security Compliance activities as required
• Analyzing cyber security incidents to solve issues and improve incident handling procedures.
• Coordinating with third-party partners assisting with Incident Response, including MSSPs, Digital Forensics and Incident Management support partners.
• Creating thorough reports and documentation of all incidents and procedures; presenting findings to team and leadership on a routine basis
• Promptly responding to security threats and incidents, acting individually and as part of a team to resolve issues.
• Partnering with Security Engineering to build, maintain and improve visibility/detection capabilities and scalable monitoring platforms to identify and report security issues and threats.
• Proactively hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts.
• Proactively creating custom detections, and configuring solutions to ensure top risks and threats can be more easily identified.

Attributes for a Successful Candidate

• Knowledge of operating systems including Linux/Unix and Windows, as well as containerization/virtualization technologies including docker and kubernetes.
• Must be action-oriented and have a proactive approach to solving issues
• Experience with cloud native security assessment tools such as Stackrox, Sydig, Lacework, Prisma or similar is a plus.
• 3 - 5 years working experience within Information Security related fields
• Must have a deep understanding of computer intrusion activities, incident response techniques, tools, and procedures.
• Certifications: GCFA, GCIH, GCFE, GNFA, GREM, GCCC
• Experience with scripting languages such as Bash, PowerShell, Python etc.
• Excellent written and verbal communication skills
• Excellent organization, time management, and attention to detail
• Technical understanding and competence with Public Cloud platforms especially AWS and Azure
• Thorough knowledge of digital forensics methodology as well as security architecture, system administration, and networking (including TCP/IP, DNS, HTTP, SMTP)
• Experience using SEIM solutions required, and experience with security data lakes preferred.
• BS or MS in computer science or related field
• Ability to work within an on-call shift rotation