IMR Soft LLC is seeking a Security Engineer - III to lead incident response engagements and enhance client security postures. The role involves managing workstreams, applying investigative workflows, and collaborating on proactive service initiatives.
Responsibilities:
- Lead Incident Response engagements by delegating workstreams, analysing artifacts, and maintaining central oversight to ensure seamless customer outcomes
- Apply a rigorous investigative workflow to every engagement, documenting evidence and IOCs to build a robust internal knowledge base
- Lead or support the delivery of off-the-shelf and custom proactive services, leveraging data-driven insights to align security offerings with client operational goals
- Actively collaborate on the creation of new proactive service initiatives and service delivery models
Requirements:
- Consulting Experience: Exceptional soft skills with a proven ability to manage customer expectations and maintain accountability throughout the incident response lifecycle
- Crisis Communication: The ability to remain composed and communicate technical findings clearly to stakeholders while working in the high-pressure environment of a live incident
- Technical Proficiency in SIEM & EDR: Hands-on experience utilizing Splunk and CrowdStrike for threat hunting and incident analysis
- Academic Background: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a closely related technical field
- Certifications: Industry-standard certifications from organizations such as SANS (GIAC), ISC2 (CISSP), or EC-Council
- Tabletop Exercise (TTX) Facilitation: Experience designing and delivering tabletop exercises to test and mature a client's incident response readiness
- Cybersecurity Instruction & Training: Ability to develop and deliver technical security training or workshops for diverse audiences, from SOC analysts to C-suite executives
- Advanced Incident Response: Deep expertise in memory forensics, malware analysis, and identifying advanced persistent threat (APT) lateral movement
- Strategic Security Advisory: Ability to translate raw threat intelligence into strategic recommendations that improve a client's long-term security posture
- Specialized Training: Advanced DFIR-specific training (e.g., GCIH, GCFA, or GCFE) is highly encouraged