Incident Response Security Engineer
Portsmouth, New Hampshire, United States
Bottomline is at the forefront of digital transformation. We are a growing global market leader uniquely equipped to address the changing needs of how businesses pay and get paid. Our culture of working with and for each other enables us to delight our customers. We empower our teams to think like owners driving customer delight, helping them grow their business and win in their markets.
Bottomline is seeking an Incident Response Security Engineer to join its global security team. This candidate must have a drive for security, value the protection of user data, and want to learn and grow. You will work closely with a team of highly skilled security professionals, with a diverse set of skills to tackle challenges. The Security Incident Response Engineer will be responsible for real-time security monitoring and response to various types of cybersecurity incidents. A successful candidate will have a proven track record in responding to cybersecurity incidents in highly complex environments at scale.
This position can be based out of an open location in the United States.
How you’ll contribute:
- Initial triage & fact identification: For every incident, initial triage occurs to understand what has happened in order to assess the scope of impact. As part of triage, facts/evidence about the incident are uncovered.
- Troubleshoot, or escalate issues as appropriate, in a timely manner while communicating clearly and proactively throughout until resolved.
- Work with cross-functional teams to drive improvements to policies and processes across teams.
- Mitigation, remediation & clean up to address each incident.
- Diligent documentation/reporting: Review/understand what happened to ensure that the root cause and contributing factors are identified and documented.
- Understand the security needs of internal and external stakeholders, regulators, and auditors.
- Actively manage projects and drive security vulnerability remediation efforts across the organization.
- Collaborate with product development and solution delivery teams to provide expertise and support for information security matters.
- Support security incident response processes.
- Contribute to security planning, assessment, risk analysis, certification, and awareness activities for network and system operations.
- Continuously assess, measure, and monitor information technology risk by performing network and system vulnerability assessments.
- Identify weak or missing security controls and vulnerabilities.
- Research and evaluate current or emerging security technologies to support cybersecurity initiatives
- Maintain compliance with security policies, standards, and procedures
- Manage cybersecurity compliance activities and implement improvements where needed
- Responsible for identifying and collecting relevant information security metrics
- Measure performance indicators of program activities and effectively communicate status to stakeholders
- Review existing policies and procedures and work with management to keep them updated
- Stay abreast of emerging threats and vulnerabilities, and be active in the security community
- Establish and maintain strong relationships with business units
- Proactively support, train, and motivate less experienced team members
- Participate in special projects and other duties as required
- Perform other tasks and duties of a similar nature and scope as assigned.
What will make you successful:
- BA or BS degree in Computer Science, IT/MIS, Information Assurance, or equivalent work experience required
- 5+ years of experience working in an Information Technology role
- 3+ years of experience working in an Information Security role
- 3 years’ experience navigating and understanding the Windows, Linux and Mac operating systems and operating system internals.
- Active industry recognized security certifications such as CISSP, GIAC, CRISC, GESC, GCIH or CEH are preferred
- Experience with log aggregation and SIEM tools
- Experience protecting security and privacy on the internet.
- Experience making important decisions independently and multi-tasking under pressure.
- Experience responding quickly to changing situations in complex environments without compromising quality.
- Self-starter with the ability to work independently and manage diverse priorities well
- Strong problem solving and analytical skills
- Ability to work in a results-oriented environment, understand complex systems, prioritize tasks, and meet deadlines with minimal supervision
- Team player with proven skills in influencing people without having direct management authority and motivating them to successfully complete tasks within required timeframes
- Must be able to learn and adapt quickly to ever changing requirements and priorities
- Excellent verbal and written communication skills including the ability to explain complex issues and processes in a concise manner that is appropriate for the intended audience
- Ability to support off-hours, weekends, and holidays if needed in support of incident response
- Strong knowledge and experience with security incident response programs and processes
- Administration of Linux and Windows systems, networks, DNS, firewalls, and web servers
- Working knowledge of cryptography algorithms and protocols
- IDS/IPS, traffic collection, correlation, and analysis tools
- Strong understanding of industry standards and frameworks (NIST, ISO, CIS, OWASP, PCI DSS)
- Good understanding of FFIEC, GLBA, and HIPAA regulations
- Experience with scripting languages and text manipulation tools
- Experience working in financial technology, banking, or financial services
You’ll love Bottomline because in everything we do we seek to delight our customers and we are passionate about building a company of which we can all be proud, and this starts with building amazing teams filled with team members that challenge you every day.
Start your #LifeatBottomline