Incident Response Engineer

Job Description

Insight Global is seeking an Incident Response Engineer for one of our Biotech clients in Billerica, MA. This role will be hybrid remote working three (3) days onsite. This role will start as a six (6) month contract with potential extensions and the possibility of converting to a permanent position.

In this role you will join our client's growing organization and Information Security team and will work within the Security Operations team, reporting to the Director, IT Infrastructure and Security Operations. You will respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. You will work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to their systems. You should be prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications that support our client's and their fast-growing business. We are seeking broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.

Additional Responsibilities Include:

• As a SME, you will be responsible for leading incidents, investigations, and security initiatives

• Act as a security multiplier to help scale security incident response

• Prepare post-mortem reports of incidents and present findings to the broader team

• Create and maintain runbooks to ensure smooth handling of all security incidents

• Lead and participate in incident response tabletop exercises to validate and improve existing processes and procedures and train others on their roles and responsibilities during an incident

• Monitor and analyze security logs, using KQL queries in Microsoft Sentinel, to identify potential security breaches

• Build, refine, and maintain analytic rules, workbooks, hunting queries, and dashboards in Microsoft Sentinel to enhance detection and response capabilities

• Automate incident response and enrichment processes using Logic Apps, automation rules, and playbooks in Sentinel

• Assess vulnerabilities within the environment, conduct risk-based prioritization of vulnerabilities, and assist in remediation

• Lead and coordinate responses to cyber threats, including incidents identified in Microsoft Defender for Endpoint

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:

Skills and Requirements

• 5+ years of experience in Incident Response

• Extensive experience with Microsoft Defender for endpoint protection and response

• Experience with Microsoft Sentinel (SIEM/SOAR)

• Experience with vulnerability management solutions

• Experience with scripting tools (Python, PowerShell, Bash, KQL, etc.) for automation - Industry certifications (Microsoft Security, SANS, ISC2, etc.)

• Experience in Biotech/Pharma industry