Job Description
Responsibilities:
Provide technical, hands-on incident investigation and support and serve as a primary point of contact with management.
Participate in the incident response and investigation process for identified and escalated security events. Additionally, track, document and close post incident response action items.
Perform network and system forensics in response to security alerts both in on-prem and cloud (AWS and Azure).
Optimize and customize security-monitoring tools in order to improve detection.
Apply an understanding of the tactics, techniques and procedures of advanced attackers to hunt for signs of APT activity.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Evaluate projects to ensure proper security requirements and work actively with stakeholders on corporate-wide information security project planning and documentation.
Lead and train junior incident responders in the steps to take to investigate and resolve computer security incidents.
Requirements:
Minimum 5-7 years of hands-on experience in cybersecurity incident response, threat detection or related role.
Expertise in incident response tools (SIEM, EDR, IDS/IPS, firewalls, etc.).
Strong knowledge of attack vectors, threat hunting, etc. (good to have: malware analysis and digital forensics).
Deep understanding of operating systems (Windows, Linux, macOS) and their associated security mechanisms.
Experience with cloud security and incident response in environments such as AWS and Google Cloud.
Solid understanding of network protocols and architecture.
Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell or Bash.
Ability to leverage multiple forms of communication to articulate complex concepts to both technical and non-technical staff, including senior management.
Great interpersonal skills and love for a team environment.
Nice to have:
Exposure to incident response for cloud-based and distributed infrastructures is a plus.
Certifications from SANS, Offensive Security or ISC2 are a plus.
The Canadian CAD base salary range for this full-time position is $107,000 - $134,000. Your base pay will depend on your experience, skills, education, training, and location, among other factors. All full-time positions or part-time roles working 30 hours or more a week at Guidewire are eligible for benefits that support their health and well-being, including health, dental, and vision insurance, paid time off, and a company-sponsored retirement plan. In addition, some roles may be eligible for the annual company bonus plan, commissions, and/or long-term incentive awards, which are contingent on a variety of factors including, but not limited to, company and employee performance.