OverDrive

Security Engineer - Incident Responder (Mid-Level)

🇺🇸 Hybrid - OH

🕑 Full-Time

💰 TBD

💻 Cybersecurity

🗓️ February 22nd, 2024

Cybersecurity SIEM
DESCRIPTION

This position is located in our Garfield Heights Headquarters. We are currently in a hybrid schedule, 2 days on campus and 3 days WFH.

Job Summary: 

The Security Engineer - Incident Responder's responsibilities include planning and preparing for cybersecurity issues that have been identified as business risks. This includes creating incident response playbooks for the actions to be performed if such an event occurs, and training through tabletop exercises to ensure team members are prepared to handle these events. Many such events will be initiated based on data maintained and monitored by the incident responder within the SIEM.

Responsibilities:

  • Participate in Incident Response activities to coordinate security response efforts as needed.
  • Ensure Incident Response processes and procedures are kept up to date for identified business risks. Create new processes as needed.
  • Create incident response tabletop exercises to ensure appropriate company training and preparedness.
  • Perform SIEM data retention planning, forecasting, and optimization.
  • Build and maintain SIEM dashboards and high priority alerts that highlight organizational risk.
  • Identify trends and search for threat actor activity across the enterprise environment.
  • Investigate anomalous activity to determine root cause of activity; scope indicators of compromise/attack across the enterprise.
  • Create internal presentations on enterprise cyber risks to improve SIEM content management and alerting; network and host signatures; and communicate results to a wide array of audiences.
  • Collaborate with red-team members in the creation of behavior-based signatures in response to newly identified malicious activity or threats.
  • Monitor email filter for emerging business threats and advise accordingly.
  • Participate in weekly security team meetings.
  • Contribute to monthly executive reports.
  • Participate in security team on call rotation.
  • Advocate security best practices throughout company.
  • Provide guidance and support to technical and non-technical audiences.
  • Develop metrics for monitoring the effectiveness of controls within the engineer's focus area.

Requirements:

  • 5+ years of related experience.
  • Willingness to work in a hybrid work model.
  • Technical knowledge of both Windows and Linux operating systems.
  • Excellent interpersonal / communication skills.
  • Well organized with strong attention to detail and ability to prioritize work.
  • Valid Driver’s license.

What’s Next:

As you’ve probably guessed, OverDrive is a place that values individuality and variety. We don’t want you to be like everyone else, we don’t even want you to be like us—we want you to be like you! So, if you're interested in joining the OverDrive team, apply below and tell us what inspires you about OverDrive and why you think you are perfect for our team.

OverDrive values diversity and is proud to be an equal opportunity employer.