Principal Incident Responder

About the Role

As members of the Security Operations sub-department, the Incident Response Team detects, manages, and remediates security incidents across Gendigital. Members of the IR team act as the fire fighters of Gen’s Security department, working to create and maintain a secure environment for the organization and its customers, and responding to active security incidents. As an Incident Responder, you will build and maintain tools for threat detection and response, respond to security incidents, and develop preventative security measures for Gen’s organization and Gendigital.com and its subsidiaries. Successful Incident Responders thrive in high-stress environments, think like both attackers and defenders, mentor junior team members, and help develop proactive security strategies to protect data in an evolving threat landscape.

What you will do in the role :

1. Detect and respond to company-wide security incidents, coordinating with cross-functional teams to mitigate threats.
2. Monitor and analyze emerging threats, vulnerabilities, and exploits.
3. Develop and implement scalable preventative security measures.
4. Incorporate current security trends, advisories, publications, and research.
5. Communicate risks and mitigations effectively across various audiences.
6. Utilize security automation tools such as Splunk, TheHive / Cortex.
7. Design and implement processes and tools to improve incident handling.
8. Understand systems in multi-tenant, multi-cloud environments.
9. Communicate technical details clearly via text-based mediums like Teams and Email.
10. Participate in the Security Operations On-Call rotation.
11. Align work with company values.
12. Collaborate with internal and external teams on security topics.
13. Detect and respond to security incidents independently.
14. Conduct proactive threat hunting based on intelligence.
15. Perform forensic analysis of infected hosts.
16. Analyze network traffic to identify attacker activity.
17. Mentor team members.
18. Build and maintain scalable log analytics platforms.
19. Perform root cause analysis and incident reviews.

Sr. Incident Responder Requirements

1. 5+ years of experience in web or cloud security engineering, log aggregation, or penetration testing.
2. At least 2 years of incident response experience.
3. Excellent communication skills.
4. Deep technical knowledge of multi-tenant, cloud systems.
5. Proficiency with Linux operating systems and monitoring practices.
6. Ability to build relationships with stakeholders.
7. Willingness to participate in On-Call rotations.
8. Experience with OS internals, web security, and intrusion detection.

LI-DNI

Gen is an equal-opportunity employer committed to diversity and inclusion. Employment decisions are based on merit and business needs, without regard to protected characteristics. We consider individuals with arrest and conviction records. We also adhere to pay transparency laws and export control regulations.