
Security Incident Response Engineer

Connection
medical insurance, paid time off, sick time, 401(k)
United States, Illinois, Schaumburg
915 National Parkway
Jan 16, 2025
With an eye for detail and a contagiously positive attitude, you’re the teammate everyone counts on to get the project buttoned up and across the finish line.

Schaumburg, IL


CONNECTION

At Connection, our purpose is simple: we connect people with technology. From hardware—PCs, printers, servers, and more—to cutting-edge cloud, cybersecurity, and professional IT services, we design, build, and support the IT solutions that thousands of companies, schools, and government agencies rely on every day. We like to think of ourselves as the IT Department for our customers’ IT Department. Our company started out almost 40 years ago with two employees and a phone line. Today we’re a Fortune 1000 IT solutions partner operating in 174 countries around the world—still driven by that startup mentality and guided by our original purpose.


https://www.connection.com/


Full Time

$93,000.00/Yr. - $119,862.00/Yr.

Overview:

What We Do:

We calm the confusion of IT by guiding the connection between people and technology. If a customer is looking for a better way to manage their warehouse inventory, equip their workforce, or secure their data, we make it happen. All it takes is finding the right combination of tech hardware, software, cloud solutions, and support services. That’s what we do. We’re the IT Department’s IT Department.

Who We Are:

Our team is made stronger by a multitude of backgrounds, experiences, and perspectives. It’s what makes Connection unique—what drives us to innovate and create technology solutions that stand apart from the crowd. We’d love for you to be a part of that fabric, to share your ideas and experiences with a team that thrives on fresh thinking, creativity, and helping others.

Why You Should Join Us:

You’ll find supportive teammates and a rewarding career at Connection—plus great benefits. We take pride in supporting employees with a total rewards package that provides financial, emotional, and physical resources for you and your family. Our compensation, 401k plans, medical insurance, and other benefits are progressive and competitive. We value the importance of our employees’ emotional well-being. To support employees, we provide free therapy visits, mental health coaching and tools, and meditation resources. You’ll also enjoy a generous paid time off package that includes not only vacation and sick time, but also Wellness and Volunteer Time Off days.

The Security Incident Response Engineer (SIRE) plays a crucial role in supporting security operations within the Hybrid Command Center. The SIRE focuses on responding to security alerts, assisting in incident investigations, and ensuring that emerging threats are addressed promptly and effectively. The SIRE works as part of a larger team to maintain the security posture of the organization, collaborating closely with HCC engineers, network, cloud, and SOC teams.

Responsibilities:

Incident Response:

  • Assists junior team members with the monitoring of security alerts and events through SIEM tools, IDS/IPS, and endpoint detection systems.
  • Escalates critical incidents to the Lead Security Engineer and relevant teams.
  • Executes containment, eradication, and recovery actions under the guidance of the team lead.
  • Coordinates with client teams and internal network, cloud, and infrastructure teams to implement corrective measures to restore security after an incident has been detected.



Alert Prioritization and Triage:


  • Reviews and analyzes alerts escalated from first responders' initial triage to determine severity and validity.
  • Prioritizes alerts based on risk impact and operational guidelines.
  • Documents actions taken in ticketing or incident tracking systems.



Threat Intelligence Support:


  • Assists in tracking emerging threats and vulnerabilities relevant to the organization.
  • Provides input to vulnerability assessments and patch recommendations.
  • Participates in proactive threat-hunting activities to detect suspicious activity.



Security Tool Management and Operations:


  • Operates SIEM, EDR, firewalls, and other security tools to monitor network activity.
  • Assists in maintaining and fine-tuning security monitoring tools for optimal performance.
  • Collaborates with vendors or third parties for troubleshooting and maintenance of security solutions.



Incident Documentation and Reporting:


  • Prepares detailed incident reports, documenting events, findings, and remediation steps.
  • Participates in post-incident reviews to identify lessons learned and recommend improvements.
  • Maintains accurate records to ensure compliance with SLAs and security frameworks.
  • Assists with playbook creation for security event handling.
  • Provides insight and recommendations for security improvements to client networks.



Collaboration and Coordination:


  • Works closely with the SOC, IT, and network operations teams to address client security issues.
  • Participates in cross-functional meetings to align security priorities.
  • Supports incident response tabletop exercises and security awareness efforts.



Continuous Learning and Development:


  • Stays informed on new security technologies, trends, and best practices.
  • Participates in training programs and professional development initiatives as directed.
  • Works toward certifications relevant to the role, such as CompTIA Security+, CEH, or GSEC.
Requirements:

  • Technical Proficiency: Familiarity with SIEM, IDS/IPS, EDR tools, network, server infrastructure, and firewalls.
  • Analytical Skills: Strong ability to assess alerts and distinguish between legitimate incidents and false positives.
  • Communication: Clear verbal and written skills to document incidents and report findings effectively.
  • Collaboration: Ability to work effectively within a team and across departments.
  • Problem Solving: Quick thinking to assist with real-time incident response.
  • Knowledge of Security Standards: Basic understanding of NIST, ISO 27001, and CIS Controls.
  • Experience in security operations or working within a SOC environment.
  • Familiarity with incident response frameworks and threat-hunting methodologies.
  • Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) preferred.