Sr Incident Responder

Company: Calix
Location: Remote - North America
Commitment: Full time
Posted on: 2023-05-03 16:15

This is a remote position that could be based anywhere in the United States or Canada.

Calix is seeking an experienced Incident Responder with a focus on Insider Risk and E-Discovery to join our team. The successful candidate will work closely with our security, HR and legal teams to identify and respond to potential insider threats, as well as support legal investigations by conducting e-discovery and data analysis. The role requires a deep understanding of incident response, insider risk management, and e-discovery processes, as well as excellent analytical and communication skills. This position will be responsible for operation and enhancement of the insider threat program consisting of the prevention, active monitoring, and resolution of internal security threats. Further responsibilities include recognizing opportunities for enhancements and automation to capabilities, and documentation of escalated incidents.

Responsibilities and Duties:

- Help define and mature the insider risk incident response program.
- Monitor and analyze alerts generated from insider risk tools to provide actionable intelligence and drive the investigation of identified anomalies and security incidents.
- Ability to help lead and drive escalated security incidents to resolution pulling from strong incident response experience.
- Conduct investigations and analysis to identify insider threats and potential data breaches, including but not limited to forensic investigations, reviewing logs and network activity, and analyzing user behavior.
- Collaborate with internal teams and external partners to identify and implement new technologies and tools to enhance incident response and e-discovery capabilities.
- Work closely with legal teams to provide support for e-discovery requests, including data collection, preservation, processing, and review.
- Develop and maintain documentation, including runbooks and operating procedures, for insider threat response processes and procedures.
- Provide technical expertise and guidance to security and legal teams on insider risk management best practices.
- Coordinate with various internal stakeholders such as Legal, Privacy, and HR to ensure confidentiality and discreet resolution of investigations.
- Prepare and present formal and informal analysis and briefings to relevant stakeholders and executives.
- Interface and coordinate with third-party DFIR partners.
- Orchestrate tabletop exercises to help test insider risk incident response and detection capabilities.

Qualifications:

Calix requires all employees based in North America who will work onsite at a Calix office, attend in-person meetings, and/or travel on behalf of Calix to be fully vaccinated. Calix will consider requests for reasonable accommodations as required under applicable law.

- 5 years of experience in information security, preferably with 2-3 years in either an Incident Response or Insider Risk role.
- Hands-on technical experience with insider risk tools and familiar with security related technologies such as SIEM, EDR, UEBA, DLP.
- Ability to stay calm and make sound decisions during high pressure situations.
- Strong security intuition and critical thinking ability.
- Familiarity with insider risk and data loss investigations.
- Strong knowledge of incident response methodologies and technologies in modern cloud environments.
- Ability to communicate effectively while conveying highly technical concepts to both technical and non-technical stakeholders.
- Familiarity with security reporting, dashboarding, and metrics.

Qualifications:

- Information Security Certification.
- Understanding of digital forensic tools and techniques.
- Experience in a similar role.

Location:

Remote-based position located in the United States or Canada.