Security Engineer, Incident Response responsible for leading and executing cybersecurity incident responses at Instructure. Collaborating with teams to enhance security initiatives and procedures.
Responsibilities
Lead and direct all phases of the incident response lifecycle, from initial detection and triage to containment, eradication, and post-incident analysis and review.
Conduct in-depth forensic analysis of security incidents to determine the root cause, assess the impact, and define the scope of the incident.
Collaborate with engineering and product teams to develop and implement effective containment and eradication strategies for SaaS environments.
Coordinate recovery activities to ensure the timely and secure restoration of impacted systems and services.
Support the design, development, and implementation of robust detection rules and signatures across our security toolset (e.g., SIEM, EDR, WAF, CSPM) to proactively identify malicious activity.
Continuously refine and optimize detection rules to minimize false positives and enhance the accuracy of our security alerts.
Evaluate and recommend new security technologies and methodologies to enhance our security posture.
Create and maintain detailed documentation for all incident response procedures, playbooks, and runbooks.
Develop and document security best practices and guidelines for engineering and product teams.
Contribute to the creation and maintenance of our overall security knowledge base.
Schedule and manage tabletop exercises to test and refine our incident response capabilities.
Document the results of tabletop exercises and track the remediation of any identified gaps.
Provide training and guidance to junior analysts and other team members on incident response and security best practices.
Requirements
Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
Proven experience in a security role with a strong focus on incident response and security engineering.
Demonstrated experience leading incident response for a SaaS product company.
Strong understanding of common attack techniques, tactics, and procedures (TTPs).
Experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, Elastic SIEM, Microsoft Sentinel) and developing detection rules.
Familiarity with Endpoint Detection and Response (EDR) solutions.
Proficiency in at least one scripting language (e.g., Python, Go).
Excellent analytical, problem-solving, and communication skills.
Proven ability to write clear and concise documentation.
This position includes participation in an on-call rotation.
Benefits
Competitive compensation, plus all full-time employees participate in our ownership program - because everyone should have a stake in our success.
Flexible schedules and a remote-friendly culture, with hybrid or onsite work options available in some regions for specific roles
Generous time off, including local holidays and our annual company-wide “Dim the Lights” week in late December, when we encourage everyone to step back and recharge
Comprehensive wellness programs and mental health support
Annual learning and development stipends to support your growth
The technology and tools you need to do your best work — typically a Mac, with PC options available in some locations
Motivosity employee recognition program
A culture rooted in inclusivity, support, and meaningful connection
Intern supporting cybersecurity consulting with Guidehouse's federal clients. Engaging in hands-on projects and learning development opportunities within a structured internship program.
Security Engineering Manager leading network security engineering team at General Motors. Ensuring the reliability, performance, and security of global network infrastructure supporting automotive technologies.
VP, Information Security Officer managing cyber risk and advisory services at State Street. Collaborating with teams to protect digital assets and enhance security measures across the organization.
Senior Security Consultant enhancing AI security solutions at BAE Systems. Conducting security assessments and advising clients on AI risk management in national security projects.
IT Security Specialist focusing on cyber defense within a family-owned company. Responsibilities include managing firewalls, monitoring threats, and implementing security solutions.
Junior Information Systems Security Engineer at AMERICAN SYSTEMS managing DoD cyber security. Collaborating on technical issues and supporting risk management framework compliance.
Information Systems Security Engineer assisting in cyber security requirements for DoD systems. Collaborating closely with customers and ensuring compliance with the DoD Risk Management Framework.
Staff Product Security Engineer driving security innovation while ensuring compliance with federal standards at DataRobot. Leading security engineering, automation, and customer engagement for federal customers.
Apprentice training as a Protection and Security Specialist in Hamburg at proSicherheit GmbH. Modern security company with a focus on security and building trust.
Security staff for proSicherheit performing access controls and ensuring compliance with safety standards. Involves reporting, patrolling, and handling emergencies in Hamburg area.