Sr Security Incident Response Engineer



Keep people safe and organizations running with Everbridge. Empower Resilience. Anticipate, mitigate, respond to, and recover from critical events.

View company page

As our Sr Security Incident Response Engineer, you will support Everbridge’s Cyber Intelligence function performing computer network defense and incident response.  You will be a senior technical leader of threat intelligence; security event monitoring; security incident investigation; forensic analysis; and, security incident response for all Everbridge systems and data globally. You will operate in collaboration with other Information Services team members to improve and maintain the overall security posture of Everbridge companies as well as protect data assets. You will have the critical function of defining and enhancing effective security monitoring of Everbridge systems and cloud platforms globally.  You will lead incident response during a known or potential security event. You will lead in-depth analysis of systems and data involved with these events. 
About the Team
As a member of the Cyber Intelligence Center team, you will strive to take a pragmatic approach when proposing security solutions, implement security best practices, and performing day to day analysis of security events and in maintaining security and threat situation awareness.

What you'll do

  • Operational Duties: Lead technical development of security event monitoring and alerting, lead threat intelligence activities, provide technical leadership of incident response, lead forensic analysis, provide monitoring of intrusion detection systems, anti-virus solutions, vulnerability assessment tools, as well as log correlation tools to identify actionable threats or remediation. Communicate and coordinate with all internal IS and operations teams as well as any service providers on various attack scenarios including viruses, worms, stolen credentials, DDoS attacks, etc. Conduct investigations while communicating and coordinating remediation efforts. Stays well-informed and current on product updates, the threat landscape, and vulnerabilities relating to technology.

  • ·Business Support: Participate in business and technology initiatives as an senior information security technical leader. Assist in defining security related processes and procedures for the department as well as the company that can be employed on a global basis. Participates in internal and third-party audits of the company’s information security policies, procedures, as well as operational duties while supporting any remediation efforts that may be identified as a result of an audit.

  • · Projects: Provide technical leadership of strategic security projects. Evaluate the effectiveness of cyber intelligence services globally as well as any related systems and processes. Stay well-informed and current on the latest information security technologies, methodologies, and events. Lead implementation and enhancement of security monitoring systems and processes as well as security incident investigation and analysis tools. Liaisons with external vendors and service providers.

What you'll bring:

  • Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or other technical field
  • Must have 5+ years of direct information security experience in a global IT environment.
  • Security certification, such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or Certified | Ethical Hacker (C|EH) a plus
  • Strong experience in an internal security operations center (SOC).
  • Demonstrated ability to lead security incident response teams.
  • Experience as lead investigator of security incidents.
  • Strong experience with forensic analysis and forensic evidence handling
  • Experience implementing and monitoring thread intelligence systems
  • Detailed functional knowledge of network technologies including network security focused technologies such as next generation firewalls and web application firewalls in a global IT environment.
  • Working knowledge of server technologies including administration, virtualization and Active Directory
  • Working knowledge of both Windows and Linux/Unix operating systems
  • Working knowledge of cloud platforms, including AWS, GCP and Azure
  • Experience analyzing network traffic to identify anomalous activity and potential threats to network resources.
  • Experience configuring and using Security Information and Event Management (SIEM) systems to effectively monitor security events.
  • Experience performing event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Demonstrated ability to analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
  • Experience providing timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
  • Demonstrated ability to analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information.
  • Experience with tools such as Sumo Logic, Sophos and Office 365 email security are a plus.
  • Experience using Microsoft Word, Excel, PowerPoint, Visio, and SharePoint. Microsoft Project, Access, SQL, PowerShell, or scripting experience is a plus.
About Everbridge

Everbridge (NASDAQ: EVBG) empowers enterprises and government organizations to anticipate, mitigate, respond to, and recover stronger from critical events. In today’s unpredictable world, resilient organizations minimize impact to people and operations, absorb stress, and return to productivity faster when deploying critical event management (CEM) technology. Everbridge digitizes organizational resilience by combining intelligent automation with the industry’s most comprehensive risk data to Keep People Safe and Organizations Running™. For more information, visit, read the company blog, and follow on Twitter. Everbridge… Empowering Resilience
Everbridge is an Equal Opportunity/Affirmative Action Employer. All qualified Applicants will receive consideration for employment without regard to race, creed, color, religion, or sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Active Directory Audits Automation AWS Azure C CISSP Cloud Computer Science DDoS Firewalls GCIH GCP GIAC Incident response Intrusion detection Linux Monitoring Network security PowerShell Scripting SharePoint SIEM SOC SQL Threat intelligence UNIX Vulnerabilities Windows

Perks/benefits: Team events

Region: Asia/Pacific
Country: India
Job stats:  12  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.