Incident Response

Job Description

Security Specialist, Incident Response Responsibilities includes • Lead security incident response in a cross-functional environment and drive incident resolution. • Lead and develop Incident Response initiatives that improve Allianz capabilities to effectively respond and remediate security incidents. • Perform digital forensic investigations and analysis of a wide variety of assets including endpoints. • Perform log analysis from a variety of sources to identify potential threats. • Build automation for response and remediation of malicious activity. • Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries. • Works on SOAR cases, automation, workflow & Playbooks. • Integrating and working on Identity solutions. • Developing SIEM use cases for new detections specifically on identity use cases. Minimum Qualifications: • 5-10 years of experience in Security Incident Response, Investigations • Working experience in Microsoft On-prem and Entra ID solutions • Good knowledge in Active Directories and Tier 0 concepts • Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux. • Experience investigating and responding to both external and insider threats. • Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK) • Experience analyzing network and host-based security events