CSIRT Engineer; HYBRID

Overview

GEICO’s Cybersecurity Incident Response Team is seeking a highly motivated Incident Response Engineer to join CSIRT. The role focuses on front-line response to threats against GEICO and its customers, with a strong emphasis on cloud-based incidents, malware analysis, and threat attribution.

• Identify, detect, respond, and mitigate sophisticated threats to GEICO.
• Conduct incident response activities for cloud environments (AWS, Azure, GCP) and host-based analysis of Windows, Linux, and Mac operating systems.
• Examine data from IDS alerts, firewall logs, web logs, and network traffic logs to identify IOCs and malicious TTPs.
• Apply use case scenarios to develop threat detection and incident response capabilities.
• Analyze events within environments to mitigate threats and perform root cause analysis of security events and incidents.

• 4+ years of Incident Response experience.
• Knowledge of digital forensics and incident response best practices.
• Experience responding to cloud-based incidents and performing root cause analysis.
• Familiarity with the MITRE ATT&CK framework.
• Strong critical thinking, logic, decision making, and troubleshooting skills.
• Proficient in scripting languages (Bash, Python, Perl, Power Shell).
• Excellent written and oral communication skills.
• Ability to work independently and as a team member.
• Experience with advanced-level triage and troubleshooting.

• GIAC Cloud Security Essentials Certification (GCLD)
• GIAC Cloud Forensics Responder (GCFR)
• GIAC Certified Web Application Defender (GWEB)
• GIAC Cloud Security Automation (GCSA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Reverse Engineering Malware (GREM)
• GIAC Defending Advanced Threats (GDAT)
• GIAC Cyber Threat Intelligence (GCTI)
• Certified Information Systems Security Professional (CISSP)

Competitive pay ranging from $60,000 to $150,000, along with benefits and flexibility to support your well-being and future. GEICO offers personalized development programs, mentorship, and certification assistance.

GEICO provides a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company.

GEICO is an equal opportunity employer. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect.