Cyber Security Engineer - Incident Response

Cyber Security Engineer - Incident Response

Clarivate is hiring, and we are looking for a Cyber Security Engineer - Incident Response to join our team. In this role, you will work directly on our SOC team as the lead (level 3) engineer and be the escalation point for our level 1 and level 2 analysts. We would love to speak with you if you have skills in incident response, alert triaging, log analysis, and alert tuning.

About You - experience, education, skills, and accomplishments

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field or equivalent relevant work experience
• 4+ years of relevant work experience

It would be great if you also have...

• Strong understanding of cybersecurity principles, protocols, and technologies, both on-prem and in the major cloud provider environments.
• Competency in using Endpoint Detection and Response (EDR) tools like CrowdStrike or Carbon Black to detect, investigate, and remediate endpoint threats.
• Deep understanding of threat hunting and alert logic. A proven track record of alert tuning.
• Strong forensic analysis skills, including the use of tools like EnCase or FTK to investigate security breaches, gather evidence, and perform root cause analysis.
• Proven ability to lead complex incident response efforts, coordinating with cross-functional teams, conducting post-incident reviews, and improving response strategies.
• Conducted in-depth analysis of security alerts and incidents to determine the root cause and impact.
• Experience utilizing incident response plans, including containment, eradication, and recovery strategies.
• Lead investigations into security breaches and incidents, documenting findings and recommendations for remediation.
• Assist in the development and enforcement of security policies, procedures, and best practices.
• A track record of collaborating with cross-functional teams to assess security risks associated with new projects and initiatives.
• Experience providing guidance and mentorship to Level 1 Security Analysts, helping them enhance their skills and knowledge.
• Experience in the creation and maintenance of playbooks and SOPs.
• Possession of higher-level certifications such as CISSP (Certified Information Systems Security Professional), OSCP (Offensive Security Certified Professional), or CISM (Certified Information Security Manager).

What will you be doing in this role?

You will have an advanced role in safeguarding our organization's information systems. Using foundational cybersecurity knowledge, you will be responsible for identifying and mitigating complex security threats and vulnerabilities. You will work closely with senior analysts and management to contribute to the development and implementation of security policies, procedures, and controls to enhance our overall security posture. You will play a key role in the triaging of security incidents and assist more junior team members with escalations.

About the Team

We are a team of 33 security professionals from various walks of life with diverse experience. We are spread out across the world with team members located in North America, Europe, and Asia. We support our organization's internal teams and customer relations activities. The manager for this role is in North America. As a security team, our focus lies in four main areas (pillars) - Security Engineering and Operations, Product security, Security Architecture, and Governance Risk and Compliance.

Hours of Work

• Hybrid working model (office and home based)

Clarivate is an Equal Opportunity Employer Vets/Minorities/Women/Disabled.

Helping diverse candidates find great careers is our goal. The information you provide here is secure and confidential.