
Cyber Incident Response Engineer - Remote


Kforce's client located in the Boston, MA area is looking for a Cyber Incident Response Engineer to join their team! This is a contract to permanent capacity.

This role is currently 100% remote and may switch back to an office environment when COVID-19 ramps down.

Key Tasks:

Security Alert Management/Threat Hunting:
• Monitor and analyze network and host-based security events and logs to identify potential security threats
• Prioritize and differentiate between potential intrusion attempts and false alarms
• Properly respond to alerts that require incident response review
• Develop and tune threat detection rules

Incident Response:
• Manage information security incidents from triage through resolution
• Manage multiple investigations concurrently
• Lead a cross-functional team of experts to resolve the incident investigation
• Provide timely and relevant updates to appropriate stakeholders and decision makers
• Conduct root cause analysis and partner with functional experts to determine the remediation path for incident resolution; root cause analysis may include, but is not limited to, malware analysis, computer forensic analysis, log reviews, personnel interviews, and technical troubleshooting; the CIRT Engineer will evaluate controls at each level of security defense, from endpoint to perimeter
• Provide findings to relevant business leadership to help improve information security posture
• Validate and maintain the incident response plan to address the evolving threat landscape
• Create and maintain strong relationships with key partners in the incident response ecosystem and ensure efficient alignment during the investigation process
• Compile and analyze data for management reporting and metrics

Threat Management:
• Manage and analyze threat intelligence data received from cyber threat vendors
• Monitor information security related websites (e.g., US-CERT, SANS Internet Storm Center) and mailing lists (e.g., SANS NewsBites, etc.)

Job Requirements

REQUIREMENTS:
• Five or more years of technical experience in the information security field, preferably in a Security Operations Center (SOC), Network Operations Center (NOC), or Computer Emergency/Incident Response Team (CERT/CIRT)
• Three or more years of practical Cyber Incident Management and Threat Hunting experience
• Advanced knowledge of information systems security concepts and technologies, including SIEM technologies, network architecture, database concepts, intrusion detection, cloud security, endpoint protection, email protection, and malware remediation; and computer forensic tools such as EnCase and open source alternatives
• Familiarity with security frameworks, such as NIST, and compliance standards such as HIPAA, GDPR and PCI
• Strong understanding of incident, problem, and change management is preferred
• Advanced knowledge and experience with the Windows and Linux operating systems
• Working knowledge and experience with investigating malicious code
• Demonstrated ability to apply technical and analytical skills in a security environment
• Ability to work extremely well under pressure while maintaining a professional image and approach
• Exceptional data analytics abilities; can perform independent analysis and distill relevant findings and root cause
• Strong analytical writing skills; can articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports
• Team player with proven ability to work effectively with other business units, IT management and staff, Legal, vendors, and consultants

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

To Apply: