What are the responsibilities and job description for the SOC Incident Response Lead position at Anaplan?
As an Incident Response Lead, you’ll be part of a team of analysts and engineers tasked with detecting and responding to security events across the Anaplan environment. This is a key position with the Cyber Defense team, and you will be instrumental in helping mature Anaplan’s ability to effectively and efficiently manage cyber incidents.
Your Impact
- Triage, respond to, and contain computer security incidents across the Anaplan datacenter, cloud, and corporate environments
- Provide digital forensics services including acquisition, analysis, and reporting for Linux, OSX, and Windows endpoints
- Conduct log analysis across a diverse ecosystem of technology to locate the root cause of incidents
- Function as Incident Manager, leading all activities related to the Incident Response process
- Act as the escalation point for MSSP and/or MDR partners
- Lead incident retrospectives and contribute to improvements in the overall security posture of Anaplan
- Develop, mature, and test incident response playbooks
- Contribute to the development of new use cases and automation playbooks
- Apply team metrics to drive continuous improvement activities, projects, and team efficiency
- Closely collaborate with the Deputy CISO, Security Leadership Team and other key collaborators within the wider Engineering group
- Maintain on-call availability to support after-hours coverage
Your Qualifications
- Demonstrable, relevant security experience
- 3 years of experience as a full-time incident responder or forensic analyst working within a global SOC
- Demonstrated experience independently leading security incidents and investigations; bonus points for Cloud experience
- Advanced knowledge of detecting threat actors across the entire cyber kill chain
- Solid understanding of network and endpoint security monitoring capabilities
- Experience performing basic static and dynamic malware analysis
- Experience handling the relationship with MSSP/MDR vendors
- Naturally curious, with a demonstrated history of solving problems
- Exhibit outstanding communication and collaboration skills
- You are a teammate with experience working with remote, global teams