Incident Response - Junior Role
San Clara, Manitoba, Canada · Contract
- Experience: Any
- Salary: —
- Openings: 1
- Posted: 4 hours ago
- Work mode: On-site
- Resume: Application required
Job description
Role overview
This contract role in Santa Clara, California is focused on hands-on incident response work across Windows and Linux environments. The position involves triaging security events, containing active threats, coordinating recovery efforts, and supporting broader cyber defense operations in high-impact environments.
Core responsibilities
- Carry out advanced incident response activities for Windows and Linux systems, including triage, containment, eradication, and recovery.
- Perform host-based forensic work such as reviewing logs, capturing memory, examining file systems, and analyzing malware behavior.
- Serve as incident commander during security incidents by organizing response efforts, recording actions taken, and keeping leadership and relevant agencies informed.
- Study adversary tactics, techniques, and procedures and map observed activity to the MITRE ATT&CK framework.
- Monitor, assess, and act on alerts from SIEM, IDS/IPS, EDR, and network monitoring platforms.
- Create detailed incident documentation, event timelines, and executive-level summaries for stakeholders.
- Assist with incident response in multi-agency and critical infrastructure settings.
- Recommend improvements to detections, system hardening, and long-term mitigation controls.
- Take part in post-incident reviews, lessons learned discussions, and updates to response playbooks.
- Remain available for 24x7 response coverage through on-call rotation or surge support when required.
- Use tools including NetWitness, Gravwell, Google SecOps, Corelight, CrowdStrike, SentinelOne, Microsoft Sentinel, and CRIBL pipelines for forensic and incident analysis.
- Combine host, network, and intelligence data to reconstruct complete incident timelines.
- Apply knowledge of intrusion kill chains, threat hunting methods, and common attacker behaviors.
- Work in SLTT and critical infrastructure environments, including multi-tenant and cross-agency response operations.
- Prepare clear documentation and executive-ready incident summaries.
Additional information
This role is structured as a contract position and is based onsite in Santa Clara, CA. The source does not specify salary, duration, start date, application deadline, or opening count.