Cybersecurity Incident Response Engineer

Overview
Job Description

At Jacobs, we’re challenging today to reinvent tomorrow by solving the world’s most critical problems for thriving cities, resilient environments, mission-critical outcomes, operational advancement, scientific discovery and cutting-edge manufacturing, turning abstract ideas into realities that transform the world for good.

Your impact

At Jacobs, we are dedicated to pushing the boundaries of innovation and delivering exceptional solutions to our clients. As a leader in our industry, we recognize the critical importance of synergies between cybersecurity, infrastructure, data, applications, and cloud technologies in today’s digital landscape.

We are looking for a skilled and experienced Cybersecurity Incident Response Engineer with expertise in building rules for Security Operations Centers (SOC), workflows for Security Information and Event Management (SIEM) systems, and capability to perform system administration responsibilities for other cybersecurity systems to join our dynamic team. This role requires a broad understanding of cybersecurity principles, incident response procedures, and the ability to work in a fast-paced environment.

Your Profile will include

Correlation Rule Development:

  • Design, develop, and implement correlation rules within SIEM systems to identify and respond to security events.
  • Continuously refine and optimize correlation rules to reduce false positives and improve detection accuracy.
  • Collaborate with SOC analysts and incident responders to understand threat scenarios and translate them into effective correlation rules.

Log Source Management:

  • Configure and manage log sources to ensure comprehensive and accurate data collection from various security devices, applications, and network infrastructure.
  • Validate the integrity and completeness of log data to support effective monitoring and incident investigation.
  • Work with system owners to onboard new log sources and ensure they are correctly integrated into the SIEM system.

Security Monitoring and Incident Response:

  • Monitor security alerts and events generated by the SIEM system to detect potential security incidents.
  • Assist in the investigation and analysis of security incidents, providing expertise on the interpretation of SIEM data and correlation rules.
  • Collaborate with SOC team members to ensure optimal performance and security.

System Administration:

  • Perform regular maintenance and updates of SIEM, EDR, SOAR and Case Management systems to ensure optimal performance and security.
  • Troubleshoot and resolve issues related to SIEM, EDR, SOAR and Case Management systems, log source integrations and business logic.
  • Maintain documentation of SIEM, EDR, SOAR and Case Management configurations, correlation rules, and log source setups.

Reporting and Compliance:

  • Generate and review reports on security events, incidents, SIEM, EDR, SOAR, and Case Management system performance.

Required Skills and Qualifications

Technical Skills:

  • Proficiency in configuring and managing SIEM, EDR, SOAR, and Case Management Systems (e.g., QRadar, IBM-Resilient, CrowdStrike Falcon)
  • Strong knowledge of security event logging, log management, and log analysis.
  • Experience in scripting languages (e.g., Python, PowerShell) for automating tasks and developing custom scripts for SIEM, EDR, SOAR, and Case Management systems.
  • Endpoint Detection & Response
  • Experience creating, managing, and monitoring Sensor Upgrade policies.
  • Experience creating, managing, and monitoring Prevention policies.
  • Validating and whitelisting false positive detections within the Jacobs environment
  • Manage the hygiene of all endpoints in CrowdStrike to ensure correct versioning and policy assignment.
  • Ability to create workflows using built-in SOAR capabilities.

Security Knowledge:

  • In-depth understanding of cybersecurity principles, threat landscapes, and attack vectors.
  • Familiarity with network protocols, operating systems (Windows, Linux, iOS) and common security technologies (firewalls, IDS/IPS, antivirus, etc.)
  • Knowledge of regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS, NIST, MITRE ATT&CK)

Analytical and Problem-Solving Skills:

  • Strong analytical skills to interpret complex log data and develop effective correlation rules.
  • Ability to troubleshoot and resolve technical issues related to SIEM systems and log sources.
  • Attention to detail and a methodical approach to problem-solving.

Communication and Collaboration:

  • Excellent written and verbal communication skills for documenting configurations and reporting incidents.
  • Ability to work collaboratively with SOC analysts, incident responders, and other stakeholders, including technical teams, management, and external partners.
  • Strong organizational skills to manage multiple tasks and projects simultaneously.

Here’s what you’ll need

Education:

Bachelor’s degree in computer science, information technology, or equivalent length of experience in cybersecurity, or related field.

Professional Experience:

  • 3-5 years of administration experience specifically in SIEM (QRadar), Endpoint Detection & Response (CrowdStrike Falcon), SOAR & Case Management (IBM-Resilient).
  • 3-5 years of experience in SOC operations or related cybersecurity role.
  • Proven track record of developing and optimizing correlation rules in SIEM systems.
  • Hands-on experience with configuring and managing log sources from various security devices and applications.
  • Demonstrated ability to lead SIEM, EDR, and SOAR implementation projects and coordinate with multiple teams.

Any one of the following certifications is desired:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Essentials (GSEC)

SIEM – Specific Certifications:

  • IBM Certified Associate Administration – IBM QRadar SIEM
  • IBM Certified Administration – IBM QRadar SIEM

EDR – Specific Certifications:

  • CrowdStrike Certified Falcon Administrator (CCFA)

SOAR – Specific Certifications:

  • IBM Resilient SOAR Foundations Badge
  • IBM Certified SOC Analyst – QRadar SIEM

Jacobs’ health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Employees have access to medical, dental, vision, and basic life insurance, a 401(k) plan, and the ability to purchase company stock at a discount. Eligible employees may also enroll in a deferred compensation plan or the Executive Deferral Plan. Jacobs has an unlimited U.S. Personalized Paid Time Off (PPTO) policy for full-time salaried/exempt employees, seven paid holidays, one floating holiday, and caregiver leave. And certain roles may be eligible for additional rewards, including merit increases, performance discretionary bonus, and stock.

The base salary range for this position is $93,800.00 to $146,600.00. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
