Senior Detection and Response Engineer
| Company | CoStar Group |
|---|---|
| Location | Arlington, VA, USA |
| Salary | Not provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- Bachelor’s degree required from an accredited, not-for-profit university or college.
- 6+ years of hands-on security engineering experience
- Excellent documentation and communication skills
- Strong understanding of attacker tactics, techniques and procedures.
- Understanding of Incident Response process and alert triage procedures.
- Understanding of MITRE ATT&CK framework and how to apply it.
- Ability to identify opportunities for automation to increase detection and response efficacy.
- Proven experience developing and refining incident response strategy in an enterprise environment.
- Experience in scripting with languages such as PowerShell, Python, GoLang, Ruby, etc.
Responsibilities
- Own cyber security incidents from identification to resolution
- Ensure incidents and corresponding artifacts and evidence are consistently and accurately recorded
- Work with threat intelligence, detection engineering and security controls team to build a holistic lifecycle around incident preparedness and resolution
- Operate as a point of escalation for alert triage and provide expert guidance for investigation and incident resolution
- Own, maintain, and improve the Incident Response Plan and the corresponding processes and procedures
- Develop and deliver training, and design and deliver quarterly tabletop exercises
- Be a security advocate and point of contact for all things incident response throughout the enterprise.
Preferred Qualifications
- Experience performing incident response in cloud environments.
- Experience with threat intelligence and detection engineering
- Experience working with insider threats
- An understanding of Kubernetes environments and how to defend/attack them.
- Proven experience in coordinating Incident Response activities, or working in a SOC environment, or performing forensics in an enterprise environment.
- Experience coordinating with DevOps and Application Security teams to drive enhancement of preventative and detection capabilities.
- Ability to communicate with different levels of leadership across the enterprise to convey risk and drive urgency for risk remediation.
- Ability to mentor and train team members to work effectively and adopt new skills.