Cloudera is a leading data partner for top companies across various industries, empowering them to transform complex data into actionable insights. As a Senior Security Response Engineer, you will be responsible for enhancing the organization's security posture through threat detection, security analysis, and incident response activities, while collaborating with internal teams to manage incidents and improve security processes.
Responsibilities:
- Proactively monitor and respond to security alerts and events from various sources, including SIEM, Cloud Security Platforms, EDR, and other technologies
- Perform detection engineering by not only tuning existing alerts but also developing new, high-fidelity alerts based on ongoing trends, threat intelligence, and findings from past investigations
- Conduct in-depth analysis of security incidents to determine the root cause and impact, and recommend appropriate mitigation strategies
- Partner closely with various internal security teams (e.g., Enterprise Security, Cloud Security, Product Security) to manage end-to-end incident response actions and collaborate on cross-functional projects for continuous security improvement
- Develop and maintain incident response playbooks, processes, standards, procedures, and SOAR (Security Orchestration, Automation, and Response) workflows to streamline response efforts and improve the organization's security posture
- Participate in threat hunting activities to identify advanced threats and vulnerabilities
- Identify, document, and research threat intelligence findings and reports
- Lead and drive projects and strategic initiatives designed to proactively improve the security posture and resilience throughout the entire company
- Provide mentorship and guidance to junior analysts and engineers
- Assist in the evaluation and implementation of security tools and technologies
- Stay up-to-date with emerging threats, vulnerabilities, and industry best practices
- Continuously pursue forward-thinking and unique solutions to security challenges
Requirements:
- Robust analytical mindset and a self-starter with a genuine interest in forward-thinking cybersecurity
- Relevant degree (Information Security, Information Assurance, or Cybersecurity) or equivalent cybersecurity work experience (3-5 years)
- Three or more years of technical experience providing large-enterprise incident response, threat hunting, or cloud security
- Proficiency with security technologies, including SIEM, EDR, and Cloud Security systems
- Strong understanding of cyber threats, attack techniques, and incident response methodologies
- Must be able to independently analyze and respond to alerts and security incidents, including but not limited to triage, root cause analysis, and response coordination
- Advanced proficiency in Incident Response within Cloud Environments (strong focus on AWS, with Azure and GCP as a plus)
- Deep experience securing and responding to incidents within Kubernetes environments
- Proficiency in analyzing and responding to threats across macOS, Windows, and Linux-based systems
- Excellent problem-solving and communication skills
- Ability to work effectively both independently and as part of a team
- Supporting certifications such as GIAC (GCFA/GCIH/GCFR/GCLD), AWS Certified Security - Specialty, Google Professional Cloud Security Engineer, Microsoft SC-200, or CompTIA CASP/CySA+
- Experience in automation and/or orchestration
- Experience with data analytics leveraging machine learning and/or deep learning
- Knowledge of threat intelligence methodologies
- Cloud and endpoint digital forensics experience