Cybersecurity Incident Response Engineer

Overview
Job Description

At Jacobs, we’re challenging today to reinvent tomorrow by solving the world’s most critical problems for thriving cities, resilient environments, mission-critical outcomes, operational advancement, scientific discovery and cutting-edge manufacturing, turning abstract ideas into realities that transform the world for good.

Your impact

At Jacobs, we are dedicated to pushing the boundaries of innovation and delivering exceptional solutions to our clients. As a leader in our industry, we recognize the critical importance of synergies between cybersecurity, infrastructure, data, applications, and cloud technologies in today’s digital landscape.

We are looking for a skilled and experienced Cybersecurity Incident Response Engineer with expertise in building rules for Security Operations Centers (SOC), workflows for Security Information and Event Management (SIEM) systems, and the capability to perform system administration responsibilities for other cybersecurity systems to join our dynamic team. This role requires a broad understanding of cybersecurity principles, incident response procedures, and the ability to work in a fast-paced environment.

Your Profile will include

Correlation Rule Development:

  • Design, develop, and implement correlation rules within SIEM systems to identify and respond to security events.
  • Continuously refine and optimize correlation rules to reduce false positives and improve detection accuracy.
  • Collaborate with SOC analysts and incident responders to understand threat scenarios and translate them into effective correlation rules.

Log Source Management:

  • Configure and manage log sources to ensure comprehensive and accurate data collection from various security devices, applications, and network infrastructure.
  • Validate the integrity and completeness of log data to support effective monitoring and incident investigation.
  • Work with system owners to onboard new log sources and ensure they are correctly integrated into the SIEM system.

Security Monitoring and Incident Response:

  • Monitor security alerts and events generated by the SIEM system to detect potential security incidents.
  • Assist in the investigation and analysis of security incidents, providing expertise on the interpretation of SIEM data and correlation rules.
  • Collaborate with SOC team members to ensure optimal performance and security.

System Administration:

  • Perform regular maintenance and updates of SIEM, EDR, SOAR and Case Management systems to ensure optimal performance and security.
  • Troubleshoot and resolve issues related to SIEM, EDR, SOAR and Case Management systems, log source integrations and business logic.
  • Maintain documentation of SIEM, EDR, SOAR and Case Management configurations, correlation rules, and log source setups.

Reporting and Compliance:

  • Generate and review reports on security events, incidents, SIEM, EDR, SOAR, and Case Management system performance.

Required Skills and Qualifications

Technical Skills:

  • Proficiency in configuring and managing SIEM, EDR, SOAR, and Case Management systems (e.g., QRadar, IBM Resilient, CrowdStrike Falcon).
  • Strong knowledge of security event logging, log management, and log analysis.
  • Experience in scripting languages (e.g., Python, PowerShell) for automating tasks and developing custom scripts for SIEM, EDR, SOAR, and Case Management systems.
  • Endpoint Detection & Response (EDR):
  • Experience creating, managing, and monitoring Sensor Upgrade policies.
  • Experience creating, managing, and monitoring Prevention policies.
  • Validating and allowlisting false positive detections within the Jacobs environment.
  • Managing the hygiene of all endpoints in CrowdStrike to ensure correct sensor versioning and policy assignment.
  • Ability to create workflows using built-in SOAR capabilities.

Security Knowledge:

  • In-depth understanding of cybersecurity principles, threat landscapes, and attack vectors.
  • Familiarity with network protocols, operating systems (Windows, Linux, iOS) and common security technologies (firewalls, IDS/IPS, antivirus, etc.).
  • Knowledge of regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI DSS, NIST, MITRE ATT&CK).

Analytical and Problem-Solving Skills:

  • Strong analytical skills to interpret complex log data and develop effective correlation rules.
  • Ability to troubleshoot and resolve technical issues related to SIEM systems and log sources.
  • Attention to detail and a methodical approach to problem-solving.

Communication and Collaboration:

  • Excellent written and verbal communication skills for documenting configurations and reporting incidents.
  • Ability to work collaboratively with SOC analysts, incident responders, and other stakeholders, including technical teams, management, and external partners.
  • Strong organizational skills to manage multiple tasks and projects simultaneously.

Here’s what you’ll need

Education:

Bachelor’s degree in computer science, information technology, or a related field, or an equivalent length of experience in cybersecurity.

Professional Experience:

  • 3-5 years of administration experience specifically in SIEM (QRadar), Endpoint Detection & Response (CrowdStrike Falcon), and SOAR & Case Management (IBM Resilient).
  • 3-5 years of experience in SOC operations or a related cybersecurity role.
  • Proven track record of developing and optimizing correlation rules in SIEM systems.
  • Hands-on experience with configuring and managing log sources from various security devices and applications.
  • Demonstrated ability to lead SIEM, EDR, and SOAR implementation projects and coordinate with multiple teams.

Any one of the following certifications is desired:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Essentials (GSEC)

SIEM-Specific Certifications:

  • IBM Certified Associate Administration – IBM QRadar SIEM
  • IBM Certified Administration – IBM QRadar SIEM

EDR-Specific Certifications:

  • CrowdStrike Certified Falcon Administrator (CCFA)

SOAR-Specific Certifications:

  • IBM Resilient SOAR Foundations Badge
  • IBM Certified SOC Analyst – QRadar SIEM

Jacobs’ health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Employees have access to medical, dental, vision, and basic life insurance, a 401(k) plan, and the ability to purchase company stock at a discount. Eligible employees may also enroll in a deferred compensation plan or the Executive Deferral Plan. Jacobs has an unlimited U.S. Personalized Paid Time Off (PPTO) policy for full-time salaried/exempt employees, seven paid holidays, one floating holiday, and caregiver leave. And certain roles may be eligible for additional rewards, including merit increases, performance discretionary bonus, and stock.

The base salary range for this position is $93,800.00 to $146,600.00. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
