Senior Security Engineer - Digital Forensics and Incident Response (DFIR)
Company: Intuit
Location: San Diego
Posted on: March 15, 2025
Job Description:
We are seeking an experienced Senior Security Engineer to join
our Digital Forensics and Incident Response (DFIR) team within the
broader Security Incident Response Team (SIRT), to help our
organization respond to cyber-attacks. The ideal candidate will
have a deep understanding of the security incident response and
incident management process and of attacker kill chains /
methodologies, and will be able to respond quickly to attacks,
restore services, and forensically investigate the root cause. As a
member of our SIRT,
you will closely collaborate with other engineers to design and
implement solutions, improve incident response readiness, and
provide guidance and training to external teams.

Responsibilities
- Oversee and promptly respond to escalated security events or
investigations, and activate the Security Incident Response Plan as
required.
- Provide on-call support for critical severity issues, manage
communications, and report incident status to the appropriate
stakeholders.
- Lead forensic analysis and conduct investigations to ascertain
the root cause, scope, and impact of security incidents.
- Develop, maintain, and improve incident response plans,
procedures, and playbooks to ensure swift action and regulatory
compliance.
- Present guidance and training on security best practices and
incident response to organizational partners, while ensuring
alignment with business objectives and compliance
requirements.
- Mentor and train incident responders on incident handling
techniques, forensic analysis, and cloud security forensics and
best practices.
- Collaborate with Compliance, Legal, and Risk teams to integrate
incident response operations with business and regulatory
needs.
- Assess vulnerabilities, propose remediation strategies, and
keep up-to-date on current and emerging security trends, threats,
and countermeasures.
- A Bachelor's degree or higher in Technology, Computer Science,
Cybersecurity, or a related field is preferred.
- Possession of industry-recognized professional level
certifications such as AWS Security Specialty, GCIH, GCFA, GFCE,
CISSP is advantageous.
- 3-5 years of experience in a dedicated cybersecurity role, with
a strong emphasis on digital forensics and incident response.
- 1-3 years of experience using scripting languages such as Bash,
PowerShell, and Python.
- Experience performing analysis and detection engineering using
Endpoint Detection and Response or Cloud Security Posture
Management tools such as CrowdStrike Falcon, SentinelOne, and
Wiz.
- Comprehensive understanding of cybersecurity and networking
principles, including protocols, ports, and frameworks such as
OWASP, MITRE ATT&CK, NIST, and CIS.
- Experience using and defending Public Cloud services such as
AWS, Azure, and GCP (IAM, CI/CD Pipelines, Network Security,
DLP).
- Deep understanding of Security Information and Event
Management (SIEM) solutions such as Splunk and LogScale.
- Strong analytical and problem-solving abilities, with a focus
on identifying root causes and assessing risk exposure.
- Exceptional communication skills, both verbal and written,
capable of explaining technical details to non-technical audiences
and fostering strong stakeholder relationships.
- Self-motivated with the ability to work autonomously, managing
tasks effectively and seeking assistance when necessary.
- Proficient in working under pressure in a dynamic environment,
prioritizing tasks to meet tight deadlines while maintaining
procedural discipline.
- Profound knowledge of digital forensics technologies and
methodologies, as well as expertise in the Security Incident
Response Lifecycle according to frameworks like NIST or SANS.
- Adaptable and proactive attitude, willing to take on various
responsibilities and eager to continuously learn and upgrade
skills.
- Proficient understanding of AI technologies and their
application in enhancing security operations, threat detection, and
incident response.

If you have a passion for security and a proven
track record in incident response and security operations, we
invite you to apply for this role. Join our SIRT and help us
protect our organization and our customers from cyber-attacks.