Job Details

Cyber Security Incident Response Engineer

One Source Communications
Raleigh, North Carolina, United States

Job Summary:

The Cyber Security Incident Response Engineer must bring strong technical skills and an eagerness to lead projects and work with our clients. Candidates will apply their Active Directory, network architecture, security hardening, and logging enforcement skills to assist clients with containment, remediation, and recovery workstreams. The engineer must be comfortable working in teams to tackle challenging projects, communicating with clients, providing hands-on assistance with containment and remediation activities, and creating and presenting high-quality deliverables.


  • Conduct incident containment, remediation, and recovery engagements for clients
  • Assess environments that have suffered a cyber incident, document detailed remediation/recovery/eradication execution guides and tracking documents, and support the execution of a coordinated remediation event
  • Design and assist clients with network and identity architecture enhancements and configuration modifications to defend against identified threats and attacker techniques
  • Recommend and document specific counter-measures and mitigating controls
  • Articulate One Source's capabilities in marketing discussions, proposal efforts, and capability briefings
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, executive leadership, and legal counsel
  • Work with our sales team and clients to scope engagements, draft contracts, and deliver services
  • Identify, market, and develop new business opportunities
  • Supervise, coach, and develop staff
  • Improve One Source's business processes and methodologies

Required Skills/Abilities:

  • Knowledge of security policy and technical standard development, secure infrastructure design reviews, multi-tiered trust zone structures, and complex networking across multi-level network security structures
  • Excellent oral and written communication skills
  • Thorough understanding of enterprise security controls in Active Directory / Windows environments
  • Active Directory Trusts and Architectures
  • Privileged Access Management best practices
  • Windows and Unix endpoint hardening and security control enforcement
  • Expertise in enforcing application allow listing and host-based restrictions
  • Implementation and enforcement of technologies such as Credential Guard and Device Guard
  • Understanding of enterprise networking and knowledge of network segmentation strategies
  • Implementation and management of both network and host-based firewall configurations
  • Implementing logging configurations for network devices and Windows and Unix endpoints
  • Experience with designing and implementing Microsoft Azure Active Directory and/or the Office 365 collaboration suite of services
  • Experience with designing and implementing Amazon Web Services and/or Google Cloud Platform

Education and Experience:

  • Bachelor's degree in Information Systems, a related discipline, or equivalent experience
  • CISM, CISSP-ISSMP, GCIH, or similar industry certification preferred
  • 5+ years of experience in cybersecurity incident handling and experience in a Security Operations Center
