
Security Incident Response Engineer - EDR

Remote: Full Remote
Contract:
Experience: Mid-level (2-5 years)
Work from: Michigan (USA), United States

Offer summary

Qualifications:

  • 3 to 5 years of Information Security experience
  • 1-3 years in incident response or security engineering
  • Proven experience with EDR tools like SentinelOne or CrowdStrike
  • In-depth understanding of infrastructure security
  • DFIR certifications are a plus

Key responsibilities:

  • Conduct thorough analysis of security incidents
  • Collaborate with teams on security infrastructure improvements
  • Install and configure EDR agents on endpoints
  • Communicate updates on incident response processes
  • Maintain detailed records of incident response activities
The Campbell Group - Acrisure Partner Insurance SME https://www.thecampbellgrp.com/
51 - 200 Employees

Job description

Job Title:  Security Incident Response Engineer - EDR

Department:  Information Security

Location:  Remote or Hybrid (Grand Rapids, MI)

About Acrisure

Acrisure is a global Fintech leader that combines the best of humans and high tech to offer multiple financial products and services to millions of businesses and individual clients. We connect clients to solutions that help them protect and grow what matters, including Insurance, Reinsurance, Cyber Services, Mortgage Origination and more.

Acrisure employs over 17,000 entrepreneurial colleagues in 21 countries and has grown from $38 million to $4.3 billion in revenue in just over ten years. Our culture is defined by our entrepreneurial spirit and all that comes with it: innovation, client centricity and an indomitable will to win.

Responsibilities:

Incident Detection and Eradication:

  • Conduct a thorough analysis of the incident, including its origins and impact.
  • Collaborate with other teams to identify vulnerabilities and weaknesses in the security infrastructure and recommend improvements.
  • Develop and implement strategies to remove the root cause of the incident.
  • Ensure all malicious artifacts are eliminated from the environment.
  • Use security tools and monitoring systems to identify and detect security incidents.
  • Analyze security alerts and anomalies to determine if they represent actual security incidents.

EDR Deployment and Configuration:

  • Install and configure EDR agents on endpoints for comprehensive coverage.
  • Customize EDR settings based on organizational security policies.
  • Ensure continuous endpoint monitoring and regular EDR updates.
  • Provide training on EDR usage to incident response teams and end-users.
  • Enforce security policies on endpoints through the EDR platform to ensure compliance with organizational standards.
  • Regularly review and update endpoint security policies based on threat intelligence and incident learnings.

Communication and Documentation:

  • Communicate with stakeholders, including management, IT teams, and legal departments, to provide updates on the incident response process.
  • Maintain detailed records of incident response activities, including timelines, actions taken, and outcomes.
  • Prepare incident reports for management and other stakeholders.
  • Coordinate with external parties, such as law enforcement or third-party incident responders.

Education/Experience:

  • Distinguished Professional: 3 to 5 years of experience in Information Security
  • 1-3 years of experience in incident response, threat hunting, security engineering, or related area.
  • Endpoint Detection and Response (EDR) Security: Proven experience with SentinelOne, Microsoft Defender, CrowdStrike, or other EDR toolsets.
  • Expertise in Infrastructure Security: In-depth understanding of infrastructure security, including Windows, Active Directory, Unix/Linux, Mobile Security, and Privileged Access Management.
  • DFIR certifications, such as GCIH, GCFA, CHFI, or CCFP are a plus.

  

Benefits & Perks:

  • Competitive Compensation
  • Industry Leading Healthcare
  • Savings and Investments
  • Charitable Giving Programs
  • Offering hybrid work option           
  • Opportunities for Growth
  • Parental Leave
  • Generous time away

Acrisure is committed to making an impact in our communities by giving back, with millions committed to children’s health with Helen Devos Children’s Hospital and UPMC Children's Hospital of Pittsburgh.

For more, visit www.Acrisure.com.


Acrisure is committed to employing a diverse workforce. All applicants will be considered for employment without attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status.  California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at www.Acrisure.com/privacy/caapplicant.
 

To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to Hiring Managers without contacting Acrisure’s Human Resources Talent Department.

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry: Insurance
Spoken language(s): English

Other Skills

  • Communication
  • Record Keeping
  • Problem Solving
  • Training And Development
  • Collaboration
  • Incident Reporting
