Expoint - all jobs in one place

Intuit Senior Security Engineer - Digital Forensics Incident Response DFIR 
United States, California 
452907493

17.04.2025
Responsibilities
  • Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required.
  • Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders.
  • Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents.
  • Develop, maintain, and improve incident response plans, procedures, and playbooks to ensure swift action and regulatory compliance.
  • Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements.
  • Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices.
  • Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs.
  • Assess vulnerabilities, propose remediation strategies, and keep up to date on current and emerging security trends, threats, and countermeasures.
Qualifications
  • A Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field is preferred.
  • Possession of industry-recognized professional level certifications such as AWS Security Specialty, GCIH, GCFA, GFCE, CISSP is advantageous.
  • 3-5 years of experience in a dedicated cybersecurity role, with a strong emphasis on digital forensics and incident response.
  • 1-3 years of experience using scripting languages such as Bash, PowerShell, and Python.
  • Experience performing analysis and detection engineering using Endpoint Detection and Response or Cloud Security Posture Management tools such as CrowdStrike Falcon, SentinelOne, and Wiz.
  • Comprehensive understanding of cybersecurity and networking principles, including protocols, ports, and frameworks such as OWASP, MITRE ATT&CK, NIST, and CIS.
  • Experience using and defending Public Cloud services such as AWS, Azure, and GCP (IAM, CI/CD Pipelines, Network Security, DLP).
  • Deep understanding of Security Information and Event Management (SIEM) solutions such as Splunk and LogScale.
  • Strong analytical and problem-solving abilities, with a focus on identifying root causes and assessing risk exposure.
  • Exceptional communication skills, both verbal and written, capable of explaining technical details to non-technical audiences and fostering strong stakeholder relationships.
  • Self-motivated with the ability to work autonomously, managing tasks effectively and seeking assistance when necessary.
  • Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline.
  • Profound knowledge of digital forensics technologies and methodologies, as well as expertise in the Security Incident Response Lifecycle according to frameworks like NIST or SANS.
  • Adaptable and proactive attitude, willing to take on various responsibilities and eager to continuously learn and upgrade skills.
  • Proficient understanding of AI technologies and their application in enhancing security operations, threat detection, and incident response.