Sr Security Engineer: Digital Forensics and Incident Response

Overview We are seeking an experienced Senior Security Engineer to join our Digital Forensics and Incident Response (DFIR) team within the broader Security Incident Response Team (SIRT), to help our organization respond to cyber-attacks. The ideal candidate will have a deep understanding of the security incident response and incident management process, attacker kill chains / methodologies, be able to respond quickly to attacks, restore services, and forensically investigate the root cause. As a member of our SIRT, you will closely collaborate with other engineers to design and implement solutions, improve incident response readiness, and provide guidance and training to external teams. Responsibilities Oversee and promptly respond to escalated security events or investigations, and activate the Security Incident Response Plan as required. Provide on-call support for critical severity issues, manage communications, and report incident status to the appropriate stakeholders. Lead forensic analysis and conduct investigations to ascertain the root cause, scope, and impact of security incidents. Develop, maintain, and improve incident response plans, procedures, and playbooks to help ensure swift action and regulatory compliance. Present guidance and training on security best practices and incident response to organizational partners, while ensuring alignment with business objectives and compliance requirements. Mentor and train incident responders on incident handling techniques, forensic analysis, and cloud security forensics and best practices. Collaborate with Compliance, Legal, and Risk teams to integrate incident response operations with business and regulatory needs. Assess vulnerabilities, propose remediation strategies, and keep up to date on current and emerging security trends, threats, and countermeasures. Qualifications Possession of industry-recognized professional-level certifications such as AWS Security Specialty, GCIH, GCFA, GFCE, CISSP is advantageous 3-5 years' experience in a dedicated cybersecurity role, with a strong emphasis on digital forensics and incident response 1-3 years' experience using scripting languages such as bash, PowerShell, and Python Experience performing analysis and detection engineering using Endpoint Detection and Response, or Cloud Security Posture Management tools such as CrowdStrike Falcon, SentinelOne, or Wiz Comprehensive understanding of cybersecurity and networking principles, including protocols, ports, and frameworks such as OWASP, MITRE ATT&CK, NIST, or CIS Experience using and defending Public Cloud services such as AWS, Azure, and GCP (IAM, CI/CD Pipelines, Network Security, DLP) Deep understanding of Security Information, and Event Management (SIEM) solutions such as Splunk or LogScale Profound knowledge of digital forensics technologies and methodologies, as well as expertise in the Security Incident Response Lifecycle according to frameworks like NIST or SANS Strong analytical and problem-solving abilities, with a focus on identifying root causes and assessing risk exposure Exceptional communication skills, both verbal and written, capable of explaining technical details to non-technical audiences and fostering strong stakeholder relationships Self-motivated with the ability to work autonomously, managing tasks effectively, and seeking assistance when necessary Proficient in working under pressure in a dynamic environment, prioritizing tasks to meet tight deadlines while maintaining procedural discipline Adaptable and proactive attitude, willing to take on various responsibilities, and eager to continuously learn and upgrade skill Proficient understanding of AI technologies and their application in enhancing security operations, threat detection, and incident response A Bachelor’s degree or higher in Technology, Computer Science, Cybersecurity, or a related field is preferred [or equivalent experience] Intuit provides a competitive compensation package with a strong pay for performance rewards approach. This position may be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit®: Careers | Benefits). Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing fair pay for employees, Intuit conducts regular comparisons across categories of ethnicity and gender. #LI-Hybrid