As a Senior Incident Response Engineer in our Threat and Response organization, you will be responsible for handling and responding to different security incidents, writing code to automate some of our processes, and providing mentorship to junior engineers.
The enterprise threat landscape is constantly evolving, and in order to maintain pace with new threats and vulnerabilities, GoDaddy's Incident Response team seeks a Senior Incident Response Analyst.
An ideal candidate for this role is able to work independently with limited supervision, understands and can execute appropriate action on a wide range of events in on-premise and cloud environments, provides mentorship and oversight to junior peers, and is capable of guiding improvements in an ever-changing enterprise environment.
This position is for a shift-based role and may require extended hours and/or on-call participation.
What you'll get to do
- Incident handling and incident management
- Investigation, validation, and remediation of security events
- Develop, document and maintain processes & procedures
- Improve incident response capabilities by participating in development of automation and tooling
- Stakeholder management of key players within our European region
- Collaboration with other teams to develop, deploy & tune detection alerts
- Provide ongoing mentorship of peers and help to build training paths for junior analysts
Your experience should include
- 3+ years of experience working in an incident response role or setting
- Bachelor's degree or Master's degree in Information Security, Computer Science or other related degree is preferred
- Incident Response specific or other relevant certifications preferred [ex. GCIH, ECIH, CISSP, etc.]
- Understanding of security principles and good security practices across multiple security domains
- Experience implementing and executing incident response actions in an enterprise environment
- Administration skills in Windows, Linux, and Mac OS X
- Ability to understand and apply the cyber kill chain model to events
- Knowledge of CIS or similar security frameworks
- Previous experience with any/all of the following tools is helpful: Splunk, ELK, Tanium, Trend Micro, Atlassian, ServiceNow, GitHub, Okta
- Experience with incident response in cloud platforms [AWS, GCP, etc.] is desired
- Ability to perform memory or disk-based forensics is a plus
- Able to work independently and internationally
- Excellent communication skills (written and oral)
- Ability to triage and handle events appropriately to their severity level
- Grasp of German desired, not required