Overview
The RealPage Information Security Operations team monitors and manages risks associated with threats and vulnerabilities faced by our infrastructure, platforms, and systems . We work closely with our teammates from IT, Product Development, and across the business to coordinate and execute our vulnerability management and incident response strategies and capabilities . We work with industry-leading tools and implement creative solutions to complex problems .
What You'll Do
As an Incident Response Engineer , you will work directly with our security teams and partners across IT and the Application teams to contain and remediate security incidents, as well as designing solutions to improve the overall security architecture for the enterprise. Success in this role will be determined by your deep analytical expertise , including deep packet analysis, malware analysis, de - obfuscation skills, insights into endpoint analytics , and detailed log analysis . You will be called upon to flex your offensive security skills to drive rapid containment and remediation of security incidents, as well as your interpersonal skills to coordinate response with your teammates. Broad experience with security analytics including host logs, endpoint investigations, and network analysis are critical skills for this role.
Responsibilities
- Collect and analyze key data and telemetry during a security incident.
- Coordinate containment and remediation activity with cross-functional teams
- Complete all required incident documentation and reporting within established time frames .
- Drive improvements from incident lessons learned .
- Develop playbookSOP to improve Incident Response processes to align with industry guidelines and standards .
- Develop and implement security monitoring use cases driven by threat intelligence .
- Conduct periodic threat hunt ing exercises to actively discover suspicious activity across the enterprise .
- participate in periodic exercises to test the effectiveness of IR SOC process and controls .
Qualifications
Required Qualification:
- Bachelor's degree and 4 to 6 years of experience in I ncident Response and SOC. Additional relevant experience and professional certifications will be considered in lieu of a degree.
- Understanding of host- based and network security logging .
- E xperience in usage of enterprise security solutions.
- U nderstanding related to security encompassing end point technologies, applications, application hosting, physical and virtual data center hosting.
- Experience with security practices such as security incident response and risk management.
- Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
- Must be a critical thinker with strong problem-solving skills.
- Knowledge of information security management frameworks, such as ISO 27001, ITIL, COBIT or NIST.
- High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
- Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies.
Desired Qualification
- D egree in applicable field
- Professional information security certification, such as GCIA, GCIH, or OSCP
- Knowledge of common security frameworks and regulations including FFIEC, NYDFS and NIST Cybersecurity Framework
- In-depth and hands-on experience with Security Analytics and Incident Response
- Knowledge in Scripting languages ( e.g. BASH, Python, etc )
