We believe work is not a place, but rather a thing you do. Our technology revolves around this core philosophy. We are relentlessly committed to helping people work and play from anywhere, on any device.
Innovation, creativity and a passion for ever-improving performance drive our company and our people forward. We empower the original mobile device: YOU!
What we're looking for:
You will coordinate and manage the resolution of a wide range of cyber security incidents, including forensic analysis and preservation.
You will work with cross-functional teams to perform cyber security investigations, incident response activities, and incident reporting.
You will assist with activities around the forensic preservation, collection, analysis, and reporting of information used to support investigations and legal matters.
Your strong attention to detail, flexibility, and ability and desire to learn about new cyber threats, trends, and technical procedures will set you apart.
Position Overview:
The Senior Principal Incident Response Engineer works with cross-functional teams to manage cyber investigations, incident response activities, and incident reporting.
The role also assists with activities around the forensic preservation, collection, analysis and reporting of data used to support investigations and legal matters.
The role requires practical working knowledge of the incident response life cycle (detection, identification, containment, analysis, remediation and reporting) and the knowledge and ability to deploy sandbox environments.
Experience with scripting and log analysis tools, strong communication and presentation skills, and the ability to work in a highly collaborative environment are key.
Roles and Responsibilities:
You will be seasoned in the handling of digital evidence and matters of confidentiality, and will coordinate and manage the resolution of a wide range of cyber security incidents.
You will provide support for monitoring security events, respond to alerts, and track incidents.
You will perform incident triage by determining scope, urgency and potential impact, including identifying the specific vulnerability and attack vector, recommending remediation actions, and analyzing log files and packet captures, including basic forensic analysis of systems and hosts.
You will utilize forensics tools such as FTK, KAPE, Sleuth Kit and SIFT in acquisition, analysis and reporting; your experience with EnCase and the usage of write-block applications will be key.
With your extensive experience in incident investigation and your forensic background, you will be comfortable performing analysis of e-mails, malware, and potentially malicious websites, and documenting the full life cycle of the incident from detection through containment and remediation.
You will act as a subject matter expert to resolve incidents by working with various stakeholders to correlate intelligence and threat data, and will possess strong knowledge of network protocols, Windows / Linux, EDR solutions, SIEM, virtualization and cloud platforms.
You will create and maintain digital forensics procedures and processes, and identify and track indicators of compromise based on analysis of digital evidence.
You will coordinate and share indicators and other information with the CSIRT and SOC, and create and maintain Cyber Security Incident Response documentation, including playbooks, runbooks, policies, processes and procedures.
Ability and willingness to work an on-call rotation (24 / 7) and / or a shifted schedule as needed.
Basic Qualifications:
Bachelor’s degree or higher in computer science or a related area of study, or an equivalent combination of education and / or relevant work experience.
Related certifications (GCIH, GCFE, GCFA, GNFA, CEH, A+, Network+, and / or Security+).
Basic understanding of legal, regulatory and compliance requirements (GDPR, PCI, HIPAA, SOX, etc.).
Exposure to and expert knowledge of event correlation using SIEM tools such as Splunk.
eDiscovery experience of legal, regulatory and compliance requirements (PCI, HIPAA, SOX, etc.).
Experience with forensic tools (FTK, EnCase, Volatility, The Sleuth Kit, SANS SIFT).
What you’re looking for:
Our technology is built on the idea that everyone should be able to work from anywhere, at any time, and on any device.
It’s a simple philosophy that guides everything we do including how we work. If you’re an engineer, we’ll give you plenty of ways to test your skills on cutting edge technology.
We want employees to do what they do best, every day. Be bold. Take risks. Imagine a better way to work. If this sounds like you then we’d love to talk.
Functional Area: Incident Response
About us:
Citrix is a cloud company that enables mobile workstyles. We create a continuum between work and life by allowing people to work whenever, wherever, and however they choose.
Flexibility and collaboration are what we’re all about.
The Perks:
We offer competitive compensation and a comprehensive benefits package.
You’ll enjoy our workstyle within an incredible culture. We’ll give you all the tools you need to succeed so you can grow and develop with us.
Citrix Systems, Inc. is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination on the basis of age, race, color, gender, sexual orientation, gender identity, ethnicity, national origin, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions, marital status, protected veteran status and other protected classifications.
Citrix uses applicant information consistent with the Citrix Recruitment Policy Notice.
Citrix welcomes and encourages applications from people with disabilities.
Reasonable accommodations are available on request for candidates taking part in all aspects of the selection process. If you are an individual with a disability and require a reasonable accommodation to complete any part of the job application process, please contact us at (877) 924-8749 or email us at ASKHR@citrix.com for assistance.
If this is an evergreen requisition, by applying you are giving Citrix consent to be considered for future openings of other roles of similar qualifications.