Incident Response Engineer

Main Location
San Rafael, CA, United States
What Autodesk, Inc. Has to Offer:

Autodesk makes the software and tools that help people imagine, design, and make a better world. If you've ever driven a high-performance car, admired a towering skyscraper, used a smartphone, or watched a great film, chances are you've experienced what millions of Autodesk customers are doing with their software. Autodesk offers their employees benefits like:

  • Insurance: Health/Dental/Vision/Life
  • Work - Life Balance
  • Paid volunteer time off
  • 6 week paid sabbatical every 4 years
  • Employee Resource Groups
  • A "week of rest" at year's end
    Incident Response Engineer

    Location: Home Office OR San Francisco, CA OR Boston, MA OR Portland, OR - United States

    Position Overview

    The incident response engineer / incident handler is responsible for monitoring, identifying, assessing, containing and responding to various information security events in a large and complex environment, as well as analyzing, triaging, and reporting on these incidents and investigations. The Incident Response Engineer develops, leads and monitors the incident process and provides preventive, detective, and investigative recommendations and controls. The candidate must have knowledge of system security design and network/cloud security best practices, and in-depth knowledge of systems security operations, threat actors' frequently used attack vectors, and general user behavior analytics. This position will work closely with the threat hunting and intelligence team to execute the strategic vision for the department and assist in maturing our overall IR plans and policies.

    Responsibilities

      • Investigate incidents and respond to endpoint, network, and cloud security incidents promptly to mitigate damage or restore service
      • Review, identify, triage, perform risk analysis on, and respond to security alerts and notifications sent by third parties or outside researchers
      • Provide weekly review and analysis of IDS/IPS/firewall logs and other monitoring systems
      • Lead and complete small to medium-sized projects as directed by the incident response manager, including all tasks and deliverables
      • Develop content to improve detective capabilities in the Security Information and Event Management (SIEM) tool
      • Write technical blogs, playbooks, and checklists for knowledge sharing, or produce reports of findings, incident summaries, and post-mortems
      • Develop and maintain playbooks to help analysts respond to cyber threats and provide a consistent process for incident handling procedures
      • Perform the detection, identification, and reporting of possible network intrusions, anomalous activities, and misuse activities
      • Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and AWS logs to identify, contain and eradicate malicious code and ensure recovery from incidents
      • Analyze firewall logs, PCAP and IDS alerts, as well as anti-malware and endpoint EDR security alerts, to investigate events and incidents for anomalous activity
      • Analyze a large volume of security event data from a variety of sources with the goal of identifying suspicious and malicious activity
      • Collaborate across organizational business units through participation in regular IR working group sessions and meetings
      • Create tickets and incident reporting metrics, dashboards and scorecards in our security orchestration and automation platform
      • Enhance workflow and processes driving incident response activities and remediation or mitigation efforts

    Minimum Qualifications

      • Participation in on-call rotation periodically, which may involve non-traditional working hours
      • Bachelor's degree in Computer Engineering, Electrical Engineering, Systems Engineering or Computer Science, or demonstrated equivalent experience
      • 3-5 years of specialized experience in incident response, cyber investigations, or intrusion detection
      • Strong understanding of information security architecture, mitigation of threats, and compensating controls
      • Experience performing data collection, incident response and forensics, and post-mortem reports in cloud environments (AWS especially)
      • In-depth understanding of operating system kernels and features, advanced protection mechanisms, and security best practices
      • Proficiency with MS Office applications, and strong familiarity and experience with Windows, Macintosh, and Linux operating system operation, administration, and troubleshooting
      • Security certifications including but not limited to the following (preferred): CEH, GCFA, GNFA, GCIA and/or GCIH or similar
      • Solid skills with scripting languages (Python, shell scripting, PowerShell, JavaScript, etc.)

    About Autodesk

    With Autodesk software, you have the power to Make Anything. The future of making is here, bringing with it radical changes in the way things are designed, made, and used. It’s disrupting every industry: architecture, engineering, and construction; manufacturing; and media and entertainment. With the right knowledge and tools, this disruption is your opportunity. Our software is used by everyone - from design professionals, engineers and architects to digital artists, students and hobbyists. We constantly explore new ways to integrate all dimensions of diversity across our employees, customers, partners, and communities. Our ultimate goal is to expand opportunities for anyone to imagine, design, and make a better world. #ADSKSecurityCareers
