Incident Response Engineer

Rockwell Automation
December 03, 2023
Contact: N/A
Offered Salary: Negotiation
Location: N/A
Working address: N/A
Contract Type: Other
Working Time: Negotiation
Working type: N/A
Ref info: N/A

Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers – amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility – our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you, we would love to have you join us!

Job Description

Responsibilities

  • Investigate and escalate security events as necessary.
  • Participate in complex investigations at the direction of senior members of the CSIRT.
  • Help fine-tune SIEM rules by identifying false positives and removing false negatives.
  • Assist in collecting threat intelligence based on analysis.
  • Proactively research and monitor security information to identify potential threats that may impact the organization.
  • Develop and distribute information and alerts on required corrective actions to the organization.
  • Learn new attack patterns and actively participate in security forums.
  • Work closely with the Vulnerability Management and Insider Risk teams.
  • Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.
  • Understand the subject of EDR investigations and SIEM logic.
  • Perform threat intel research.
  • Document investigations and participate in documentation maturity exercises.

Essential Skills

  • 2+ years of demonstrated experience in cybersecurity incident response.
  • Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products.
  • Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, administration of SIEM, system hardening, and Vulnerability Assessments.
  • Experience investigating events in a fast-paced, globally distributed team.