Incident Response Engineer

Job Description:
The Incident Response Engineer must have experience leading and coordinating incident response activities to effectively detect, analyze, and mitigate security incidents. The role requires a strong background in cybersecurity, hands-on experience with incident response procedures and tools, a commitment to maintaining the security posture of the organization, and the ability to work in an existing environment.

Responsibilities:
-  Lead and coordinate incident response activities in accordance with established procedures and protocols set by the customer.
-  Optimize, detect, analyze, and respond to security incidents in real time to minimize the impact on the organization.
-  Investigate security alerts, conduct root cause analysis, and determine the scope and severity of incidents.
-  Develop and implement incident response plans, playbooks, and procedures to streamline response efforts.
-  Collaborate with existing SOC operations, customer leadership, and cross-functional teams to coordinate incident response activities, which may include the customer’s IT, legal, and senior leadership.
-  Provide technical expertise and guidance to the existing SOC (Security Operations Center) analysts during incident investigations.
-  Document incident response activities, findings, and remediation efforts for reporting and analysis purposes.
-  Conduct post-incident reviews and lessons learned sessions to identify areas for improvement and enhance incident response capabilities.

Requirements:
-  Hands-on experience with incident response tools and technologies such as SIEM, EDR, and forensic analysis tools, with a preference for Elastic.
-  Strong understanding of incident response procedures, methodologies, and best practices.
-  Proficiency in scripting and automation for incident response workflows (e.g., Python, PowerShell).
-  Excellent analytical and problem-solving skills, with the ability to work under pressure in high-stress situations.
-  Relevant certifications such as CISSP, GIAC, or incident response certifications are a plus.



EQUAL EMPLOYMENT OPPORTUNITY

EEO/Affirmative Action Statement and Non-Discrimination Policy

IMRI is an Equal Employment Opportunity employer committed to maintaining a non-discriminatory, diverse work environment. In accordance with Title VII of the Civil Rights Act of 1964, Section 503 of the Rehabilitation Act of 1973, Vietnam Era Veteran's Readjustment Assistance Act of 1974 (VEVRAA), Americans with Disabilities Act (ADA), and other federal, state, and local anti-discrimination laws, IMRI does not unlawfully discriminate against any person on the basis of race, color, religion, sex, national origin, ancestry, genetic information, age, marital status, sexual orientation, physical or mental disability, or status as a special disabled veteran or other veteran. IMRI will take affirmative action to assure equal opportunity for employment is provided with regard to all personnel actions. This includes, but is not limited to: recruitment, selection, compensation, benefits, training, promotion, demotion, layoff, termination, and all other terms and conditions of employment.