Lead Incident Responder
United States
2K
2K publishes titles in today's most popular gaming genres, including shooters, action, role-playing, strategy, sports, casual, and family entertainment.
Who We Are
2K is headquartered in Novato, California and is a wholly owned label of Take-Two Interactive Software, Inc. (NASDAQ: TTWO). Founded in 2005, 2K Games is a global video game company, publishing titles developed by some of the most influential game development studios in the world. Our studios, responsible for developing 2K’s portfolio of world-class games across multiple platforms, include Visual Concepts, Firaxis, Hangar 13, CatDaddy, Cloud Chamber, 31st Union, and HB Studios. Our portfolio of titles is expanding due to our global strategic plan, building and acquiring exciting studios whose content continues to inspire all of us! 2K publishes titles in today’s most popular gaming genres, including sports, shooters, action, role-playing, strategy, casual, and family entertainment.
Our team of engineers, marketers, artists, writers, data scientists, producers, thinkers and doers, are the professional publishing stewards of our growing library of critically-acclaimed franchises such as NBA 2K, 2K PGA, Battleborn, BioShock, Borderlands, The Quarry, The Darkness, Mafia, Sid Meier’s Civilization, Marvel’s Midnight Suns, WWE 2K, and XCOM.
At 2K, we pride ourselves on creating an inclusive work environment, which means encouraging our teams to Come as You Are and do your best work! We encourage ALL applicants to explore our global positions, even if they don’t meet every requirement for the role. If you're interested in the job and think you have what it takes to work at 2K, we encourage you to apply!
We are looking for a motivated Incident Responder to lead the team during high-profile incidents and communicate effectively with cross-team members while executing and improving the 2K Incident Response Plan. This individual will train Security Analysts on advanced incident response techniques, contribute to maturing a global Security Operations program, and help bring it to life with cutting-edge security monitoring technologies and techniques.
When the Incident Responder is not actively involved in an incident, the position will be responsible for threat hunting and creating new detection rules. The ideal candidate will have a deep understanding of cybersecurity, network security, and SIEM technologies, and will work independently to implement automation and response workflows.
What You Will Do:
- Lead technical analysis and resolution of security related incidents, including malware analysis, packet level analysis, and system level forensic analysis to reconstruct what may have transpired on a system.
- Respond to incidents in cloud, on-prem, and hybrid environments
- Coordinate incident response efforts and provide timely updates on incident status with internal partners, including IT teams, business units, and senior management.
- Conduct post-incident reviews and root cause analyses to identify areas of opportunity and ensure that similar incidents are prevented in the future.
- Work closely with the Security Operations Center (SOC), and Security Engineering teams to build new tailored security detections.
- Act as a critical issue point for level I and II Analysts.
- Assess and enhance incident response plans, log monitoring, mitigation, and recovery strategies.
- Provide recommendations to automated Security Orchestration and Response workflows to upgrade our organization's security posture.
Who We Think Will Be A Great Fit:
- Three to five years of demonstrable experience in Incident Response, Forensics, or security automation and response.
- Expert in cyber incident response investigations, including containment, eradication, and remediation activities.
- Experience drafting post-incident reports for senior leadership to convey impact, origin, root cause, and remediation.
- Able to analyze and correlate logs from a mixed environment containing the major Operating Systems, public clouds, firewalls, etc.
- Must have an understanding of the capabilities of a variety of Security platforms (EDR, IDS/IPS, XSOAR, Prisma, etc.).
- Development experience (Python, PowerShell, Bash) used to automate security operations and incident response processes.
- Familiarity with common cyber security frameworks such as Mitre ATT&CK, SANS Top 20, Cyber Kill Chain, and OWASP Top 10
- Advanced Industry security certifications are preferred, such as GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or similar.
- Occasional travel
We offer great Employee Benefits!
A comprehensive benefits program is an important component of your total rewards package. Take-Two Interactive Software, Inc. offers an attractive benefits program designed to provide you with coverage options with the flexibility to meet both individual and family needs. Some of our offerings include:
- Health Care Benefits
- Health Savings Account (HSA) Including Company Contribution
- Employee Stock Purchase Plan
- 401k Retirement Plan
- Life and Disability Benefits
- Group Legal Plan
- Wellbeing Program
- Childcare Benefits
- Flexible Spending Account (FSA)
- Generous Compassionate Leave
- Companywide End of Year Break
As an equal opportunity employer, we are committed to ensuring that qualified individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform their essential job functions, and to receive other benefits and privileges of employment. Please contact us if you need reasonable accommodation.
Please note that 2K Games and its studios never use instant messaging apps or personal email accounts to contact prospective employees or conduct interviews and, when emailing, only use 2K.com accounts.