The Department of Technology Services (DTS) is expanding its current Information Security Incident Response program and as such is seeking a qualified Incident Response Engineer who will be working in a high impact mission-critical network security environment providing technical expertise, and leadership to cyber security investigations. The Incident Response Engineer will work as a member of the Enterprise Information Security Office (EISO) Cyber Security Incident Response Team whose mission it is to provide rapid, accurate, and effective identification containment, and remediation of cyber intrusions into the Client's network. The Incident Response Engineer must have verifiable experience as being agile, willing to learn, ability to teach others and capable of thinking outside the box in order to operate effectively in an everchanging threat landscape. The Incident Response Engineer must possess senior level experience regarding the following Incident Response Life Cycle Execution experience executing the full Incident Response life cycle that includes the following o Incident Response WorkflowProcesses experienced in utilizing and adhering to defined workflow and processes driving the Incident Response identificationmitigationremediation efforts within a Security Operation Center. o Technical Analysis Participation experienced in participating in the identification of impacted systems to determine impact, scope, and priority determination. o DocumentationArtifacts Collection experienced in collecting supporting information andor relevant artifacts from Incident Response Team members regarding Incident Response activities. o Cyber Threat Documentation experienced in documenting cyber threat analysis results and subsequent remediationrecovery in an effective and consistent manner. o Incident Response EscalationHandoff - experienced in escalating and appropriately handing off to team members and leadership based on defined threat and priority determination. o IT Help Desk Tools experience working with IT Helpdesk Tools, preferably Remedyforce andor Zendesk. ProcessProcedure Optimization experienced in recommending solutions to optimize both technical and processprocedural aspects of the end to end incident response life cycle. CommunicationPresentation Skills experience in working in a highly collaborative environment communicating in appropriate written and verbal formats at all levels to include but not limited to peer, business partner and executive management. The Incident Response Engineer should possess working knowledge (defined as the ability to understand how to make something work without any deeper understanding of why it works, or of how to fix it if it breaks) of the following Network Fundamentals no less than three (3) years of experience in the basic concepts of computer networking from an enterprise information security perspective. Log File Analysis experience in utilizing log files from a variety of sources to include host logs, network traffic logs, firewall logs, andor intrusion prevention logs as part of the Incident Response life cycle. Incident DetectionResponse Tools experience in working as part of a teams in the use of Incident DetectionResponse Tools such as Splunk, SNORT IDS, Alien Vault SIEM, Kali Linux, Nmap, andor Wireshark. Advanced Threat experience in demonstrating understanding of attack signatures, tactics, techniques, and procedures associated with advanced threats.