Sr. Incident Response Engineer

Summary:

AutoZone has an exciting opportunity for a Sr. Incident Response Engineer to join the AutoZone Information Security Team to deliver desired, sustainable business outcomes and assure the integrity and continuity of our systems. At AutoZone you will be part of an integrated team that spans the key areas of threat detection, threat intelligence, response and remediation. The focus of this position is to conduct incident response activities, computer forensics analysis, threat detection, and the advanced correlation and development within the SIEM and the security controls framework.

Responsibilities:

Participate in any of the level incident response process and incident management life cycle. Roles may vary by project and assignment. This may include, but not limited to:

• Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities, malware, and other threats that have the potential to impact the organization (IOC’s, TTPs)
• Correlate and demonstrate deep understanding of data from multiple sources, not limited to user authentication events, windows security event logs, syslog, DHCP logs, DNS logs, intrusion detections alerts, proxy logs, packet captures, and firewall events. This is needed for both on-prem and cloud environments
• Evaluate potential business impact from security breaches
• Respond tactically to Cybersecurity Incidents in alignment with the NIST framework and corporate policies to include making recommendations for Corrective Actions
• Develop and test incident response playbooks and take initiative in evaluating, proposing, and deploying various detection capabilities.
• Creation and execution of planned and ad-hoc threat hunting missions, which may transition into new detections
• Provide digital forensics services including acquisition, analysis, and reporting for Linux, OSX, and Windows endpoints

Requirements:

• Bachelor’s degree or equivalent experience; education preferably concentrated in IT, Application Development, Engineering or Computer Science
• Minimum of 3 years of experience based in incident response required
• GCFE, GRID, GCIH, GCFA, CCFP, CISSP desirable
• Working knowledge of conducting forensic investigations / eDiscovery / chain of custody
• Knowledge of security related to IT Infrastructure, IT Applications design and System access/authorization processes
• Ability to work and build relationships across different internal stakeholders
• Exceptional communication and problem-solving skills
• Advanced knowledge of Windows AD / Exchange is desirable
• Operational Technology (OT) environment experience desirable
• Experience with hybrid cloud environments preferred
• Familiarity with the NIST / SANS Incident Response Framework
• Prior SIEM and UEBA experience – Security Information & Event Management system, log aggregation and event notification tool such as Splunk / Elastic / Securonix

AutoZone, and its subsidiaries, ALLDATA, AutoAnything and IMC are equal opportunity employers. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status, or any other legally protected categories.

Job ID : 220001U0