Security Incident Response Engineer

Job Requisition ID #24WD80874Position Overview The Security Incident Response Engineer is responsible for monitoring, identifying, assessing, containing and responding to various information security events in a large and complex environment, as well as analyze, triage, and report on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors frequently used attack vectors, and general user behavior analytics. This position will work closely with the threat hunting and intelligence team to execute strategic vision for the department and assist in maturing our overall IR plans and policies.ResponsibilitiesResponsible for handling day-to day operations to monitor, identity, triage and investigate security events from various Endpoint (Endpoint Detection & Response), Network and Cloud security tools and detect anomalies, and report remediation actionsResponsible for triaging security incidents and conducting response actions to detect, contain and remediate identified security incidentsAnalyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findingsConduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidentsResponsible for detecting and responding to security incidents, coordinating cross-functional teams to mitigate and eradicate threatsResponsible for handling security incidents reported by third parties or external security researchersDetermine root cause analysis and create post-mortem report for security incidentsTrack security events and incidents in SOAR toolDevelop and document threat driven response playbooks to support security incidentsMaintain current knowledge and understanding of the threat landscape and emerging security threatsAssist in the creation and maintain Autodesk Security Response Centre's process and tools documentationProvide support as on-call personal during security incidentsMaintain a high level of confidentiality and IntegrityMinimum QualificationsBS in Computer Science, Information Security, or equivalent professional experience3+ years of cyber security experience in incident responseTechnical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensicsStrong understanding of Security Operations and Incident Response process and practicesExperience performing security monitoring, response capabilities, log analysis and forensic toolsStrong understanding of operating systems including Windows, Linux and OSXExperience with SIEM, SOAR, EDR, Network, AWS and Azure security toolsExperience with IR and Forensic investigations within Cloud environments such as AWS and AzureExperience with one or more scripting languages (PowerShell, Python, Bash, etc.)Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a teamExcellent verbal and written communication skillsAbility to design playbooks for responding to security incidentsAbility to support off-hours, weekends, and holidays if needed in support of incident responsePreferred QualificationsAdvanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organizationOne or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desiredLearn MoreAbout AutodeskWelcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.We take great pride in our culture here at Autodesk – our Culture Code is at the core of everything we do. Our values and ways of working help our people thrive and realize their potential, which leads to even better outcomes for our customers.When you’re an Autodesker, you can be your whole, authentic self and do meaningful work that helps build a better future for all. Ready to shape the world and your future? Join us!Salary transparencySalary is one part of Autodesk’s competitive compensation package. Offers are based on the candidate’s experience and geographic location. In addition to base salaries, we also have a significant emphasis on discretionary annual cash bonuses, commissions for sales roles, stock or long-term incentive cash grants, and a comprehensive benefits package.Diversity & BelongingWe take pride in cultivating a culture of belonging and an equitable workplace where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belongingAre you an existing contractor or consultant with Autodesk? Please search for open jobs and apply internally (not on this external site).