Security Engineer II
Cleveland, OH / Dallas, TX / Alpharetta, GA / Chicago, IL / South Jordan, UT / Royal Palm Beach, FL
Posted 12 days ago
Job Description
Job Locations US-OH-Cleveland | US-TX-Dallas | US-GA-Alpharetta | US-IL-Chicago | US-UT-South Jordan | US-FL-Royal Palm Beach
Requisition ID: 2023-15500 | Category: Information Technology | Position Type: Regular Full-Time
Overview

Seeking an experienced Security Engineer II with Incident Response skills and experience. The engineer will be responsible for incident response, threat hunting, and data analysis to protect and maintain the overall security of the enterprise. In this role you will be responsible for leading investigations for all priority level incidents. You will drive the coordination, investigation, resolution, closure, and reporting of security incidents as they are escalated or identified.

Responsibilities
  • Assist in content development within the SIEM platform, which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics such as SLA and KPI reports, and log source configuration.
  • Threat hunting and independent threat research to augment and feed custom use case creation.
  • Lead a virtual team of Incident Response participants during times of active incidents.
  • Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.
  • Conduct incident and investigation post-mortem briefings, analysis, and reporting as required.
  • Research and stay current on the latest trends, best practices, and technology developments.
  • Analyze, troubleshoot, and investigate security-related information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.
  • Provide off-hours support on an infrequent but as-needed basis.
  • Establish and maintain a strong working relationship with all team members.
  • Own the incident handling process from identification to recovery, focusing on high-quality and exhaustive deliverables.
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
  • Recognize and safely utilize attacker tools, tactics, and procedures.
  • Develop scripts, tools, or methodologies to enhance AmTrust's red and blue teaming processes.
  • Provide mentorship and guidance for more junior contributors to security operations, while meeting project-oriented objectives.
  • Explore emerging cyber capabilities through research of next-generation analytics, machine learning techniques, and graphical relationship models.
  • Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform.
  • Provide CSIRT support as needed in response to information security related events.
  • Review and enhance logging information flow strategies and technical information flow required for log onboarding; create the work plan required for logging onboarding to include determining the technical details.
Qualifications
  • The candidate must also be available 24/7 in case there is a need to conduct an investigation off-hours.
  • Expert understanding of network architecture and security infrastructure placement.
  • 1-3 years of demonstrated experience in Incident Response.
  • 6 - 8 years of demonstrated security experience.
  • Understanding of threat modeling concepts such as threat indicators, threat actors and vectors is a plus.
  • Travel is at a minimum, but since this is an enterprise position, some travel is required.
  • Security Designation(s): CERT-CSIH, CISSP, CISM, CISA, CIIP.
  • Strong organizational, multi-tasking, and time-management skills.
  • Exposure to security standards NIST Cyber Security Framework, NIST SP800-53, COBIT, ISO27001.
  • Expert understanding of operating systems (Windows, Linux, iOS/Android).
  • Strong negotiation, influence, mediation & conflict management skills.
  • 5 - 10 years Professional experience.
  • Undergraduate Degree.
  • Exceptional ability to remain calm under stress.
  • Experience working in an Agile environment using Scrum.

What We Offer

AmTrust Financial Services offers a competitive compensation package and excellent career advancement opportunities. Our benefits include: Medical & Dental Plans, Life Insurance, including eligible spouses & children, Health Care Flexible Spending, Dependent Care, 401k Savings Plans, Paid Time Off.

AmTrust strives to create a diverse and inclusive culture where thoughts and ideas of all employees are appreciated and respected. This concept encompasses but is not limited to human differences with regard to race, ethnicity, gender, sexual orientation, culture, religion or disabilities.

AmTrust values excellence and recognizes that by embracing the diverse backgrounds, skills, and perspectives of its workforce, it will sustain a competitive advantage and remain an employer of choice. Diversity is a business imperative, enabling us to attract, retain and develop the best talent available. We see diversity as more than just policies and practices. It is an integral part of who we are as a company, how we operate and how we see our future.

Job Summary
  • Start Date: As soon as possible
  • Employment Term and Type: Regular, Full Time
  • Required Education: Bachelor's Degree
  • Required Experience: 1 to 3 years