Triage Engineer
Arctic Wolf
Kitchener-Waterloo, ON, Canada
4d ago

About the Role :

As part of the Security Services team, the Triage Engineer (TE) is a role that leverages your security expertise to identify, detect, and notify customers of security events ongoing within their environment.

The TE will be expected to have a deep knowledge of various threats and forms of attack while having demonstrated experience in highly technical security roles.

The successful candidate will be working shifts in a 24x7 environment with focus on security investigations, security related task work, and improvement activities to better the triage function.

This role will have a high technical aspect and limited customer relationship function, in that you will be managing security incidents and working with Concierge Security Teams to provide the post-incident remediation activities.

Arctic Wolf TEs are accountable for the detection and notification of security incidents to our customers.

Your Responsibilities :

  • Analyze incoming security events based on different data points (network, endpoint, and log sources) expediently, consistently, and accurately
  • Prioritize incoming events exceptionally well
  • Willingness to run a security incident to completion; detect, work with team members, and communicate effectively with internal and external team parties throughout the process.
  • Steer complex investigations within your area of expertise, and leverage your security knowledge to engage the other experts within other disciplines appropriately
  • Prioritize task work according to understood and implied priorities
  • Conduct quality reviews on outgoing tickets, security engagements, and at a system level looking for areas of improvement
  • Contribute your security expertise using the development platform to elevate more precise signal with minimal noise
  • Ability to coach and mentor other team members to share knowledge and expertise
  • Continuously broaden your security expertise and depth within a set competency
  • Arctic Wolf is a fast-growing company, and all TE candidates should expect to work with many teams within Arctic Wolf, including engineering, operations, sales, marketing, and executive management.

    A positive can-do attitude is a must. A willingness to learn and continuous self-improvement is critical. An ability to deal with uncertainty is a positive.

    Required Skills and Experience :

  • 5+ years Industry experience; Information Security, Network Security, or Cyber Security roles
  • 3+ years additionally as a Network Admin, System Admin, Cloud Admin, or similar is strongly preferred
  • Have deep technical competency in two (2) of the following:
      • Networking: common protocols, server / client infrastructure, routers, switches, WAPs, etc.
      • Perimeter: firewalls, IDS, IPS, UTM, WAF, Gateways, Proxies, Mail Servers, etc.
      • Authentication: AD, SSO, MFA, etc.
      • IaaS: cloud services, AWS, Azure, GCP
      • End Point: MDM, EDR, EPP, AV
      • SaaS: collaboration tools including O365, GSuite, Box, Salesforce, Workday, etc.
  • Experience working in a Security Operation Center, security incident response teams, or in roles with security forensics or malware analysis disciplines.
  • Analyze log and system data from the above list and other IT systems
  • Know how to use one or more scripting tools and languages such as Python, Bash, and PowerShell
  • Great writing and speaking skills
  • A positive can-do attitude
  • A willingness to learn and continuous self-improvement
  • There are no specific degree or certification requirements but degrees in engineering or technology are a plus. Any security or IT certification such as CISSP is also positive.
    Employment Requirements :

    Each successful candidate will be required to pass a criminal background check and an employment verification as a condition of employment.

    Additional skills and experience :

  • Any security certifications, professional CISSP, SANS certifications, or technical certifications such as AWS or Cisco are viewed favorably
  • Security forensics
  • Malware analysis
  • E-discovery
  • Threat containment
  • Firewall and IDS provisioning
  • Proxy and content filtering provisioning
  • Authentication and identity management
  • Risk and vulnerability Assessment
  • Network and security Auditing
  • Network troubleshooting
  • Penetration testing
  • Attack simulation
  • PowerPoint presentation skills