Cybersecurity IR Engineer (remote)

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Converge Technology Solutions, is seeking the following. Apply via Dice today!Position DescriptionThis exciting opportunity is a full-time, permanent role with Converge. As an Engineer within the Cybersecurity Strategy & Defense practice, you will act as a trusted advisor to our client base. The Engineer will provide expertise and guidance in technical service delivery efforts, specifically around Incident Response and Endpoint Detection technologies. The Engineer will also be involved in refining IR processes and consulting clients on cybersecurity best practices. We invest heavily in our team members growth with cross-technology and certification training.Key Responsibilities• Regularly monitor IR queues and assign tickets based on your area of expertise.• Triage and resolve tickets using QuickBooks and collaborate with team members as needed.• Conduct proactive threat hunts by developing hypotheses based on client specific threats and vulnerabilities.• Create and update IR QuickBooks (runbooks) informed by your experience with detection use cases.• Participate in required meetings and collaborate on addressing critical issues.• Develop subject matter expertise (SME) in one or more security technologies.• Assist with the IR content migration from Splunk Ad-Hoc to Splunk ES (Enterprise Security).Maintain a comprehensive understanding of the CrowdStrike environment to manage tasks such as:• Assessing the impact of recent CrowdStrike release notes and technical alerts, and implementing changes in accordance with client change management policies.• Creating and modifying Fusion workflows to enhance IR operational efficiency.• Developing and updating custom IOAs to detect specific threats relevant to client.• Possess a basic understanding of the Splunk environment and the ability to:• Use SPL (Search Processing Language) proficiently.• Create and modify saved searches tailored to IR operational needs.Competencies & Qualifications• 3+ years of experience in a professional cybersecurity capacity• 2+ years of experience working within Incident Response• Experience with EDR tools, especially Crowdstrike is required• Crowdstrike certifications are a big plus• Defensive cybersecurity certifications via SANS are a big plusWork Environment• Remote, work from homeTotal RewardsWe offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, company stock match program, PTO/holiday, training/development and so much more. Cybersecurity IR Engineer (remote)