PennyMac

A Typical Day The AVP, Incident Response Engineer willl drive our threat Detection and response efforts, while developing sophisticated signatures, queries, alerts, and dashboards to detect and neutralize cyber threats in a complex cloud environment while focusing on the SOC analyst experience.. The AVP, Incident Response Engineerwill:Analyze Cloud, Network, System, and Application logs to identify patterns indicative of malicious activities, forming the basis for new detection strategies.. Strong understanding of MITRE ATT&CK Framework.. Strong understanding of network technologies including TCP/IP, IDS/IPS, firewalls, LAN, WLAN, and WAN.Expert understanding of AWS IaaS/PaaS and varying flavors of Operating Systems (OS).. Desired experience in Snowflake or similar Data Lake Technology.

incident response

AVP, Incident Response Engineer Requisition ID 24-29252 Location US-CA-Agoura Hills Position Type Regular Category Technology Education Bachelor's Degree Years of Experience 7 salary $90,000 - $150,000 PENNYMAC Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U.S. mortgage loans and the management of investments related to the U.S. mortgage market. At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey. A Typical Day The AVP, Incident Response Engineer willl drive our threat Detection and response efforts, while developing sophisticated signatures, queries, alerts, and dashboards to detect and neutralize cyber threats in a complex cloud environment while focusing on the SOC analyst experience.The AVP, Incident Response Engineerwill:Analyze Cloud, Network, System, and Application logs to identify patterns indicative of malicious activities, forming the basis for new detection strategies.Create complex queries to enhance visibility and monitoring capabilities within our cybersecurity infrastructure.Collaborate with the cybersecurity team to translate intelligence requirements into effective and actionable detection strategies and perform threat hunting.Provide documentation on the creation, modification, and implementation of detection mechanisms.Collaborate with the Information Security team to peer review detection strategies and to foster an effective and positive work environment.Provide support to the Cyber Security Operations Center concerning detection review, mentorship, and triage assistance.Implement improvements to incident response playbooks and cybersecurity monitoring through pursuing automation opportunities.Work cross-functionally with infrastructure, database, cloud, application, and other relevant technical teams to drive incident analysis, containment, eradication, and post-incident activity. Participate and provide support during high priority cybersecurity incidents. Provide thought leadership for architecting solutions to critical enterprise and cybersecurity initiatives. What You’ll Bring Bachelor’s degree or equivalent work experience5+ years of relevant work experienceExcellent knowledge of technology environments, including information security, building security, and defense solutionsDeep understanding of hacking techniques and tools including evasion techniques, reconnaissance, scanning, exploitation, evasion, lateral movement, persistence, and exploits. Strong understanding of MITRE ATT&CK Framework.Strong understanding of all phases of security incident handling and forensics including probing and attack methods, network/service discovery, system assessment, threat containment/eradication, and conducting retrospects to drive operational improvement.Strong understanding of network technologies including TCP/IP, IDS/IPS, firewalls, LAN, WLAN, and WAN.Expert understanding of AWS IaaS/PaaS and varying flavors of Operating Systems (OS).Experience operating and maintaining SIEM technology and providing feedback to engineering teams to continually improve technology capabilities. Past experience in a Cyber Security Operations Center as a Security Analyst is desired.Desired 2+ years of experience in Python and/or other scripting languages to automate common tasks and/or response actions.Desired experience in Snowflake or similar Data Lake Technology.Experience performing eDiscovery investigationsStrong written and verbal communication.Ability to self-start and spearhead initiatives with minimal direction and oversight. Why You Should Join As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do. Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported. Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include: Comprehensive Medical, Dental, and VisionPaid Time Off Programs including vacation, holidays, illness, and parental leave Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations)Retirement benefits, life insurance, 401k match, and tuition reimbursement Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorshipsTo learn more about our benefits visit: Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below:Lower in range - Building skills and experience in the roleMid-range - Experience and skills align with proficiency in the role Higher in range - Experience and skills add value above typical requirements of the role Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance. Salary $90,000 - $150,000 Work Model REMOTE Options Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Need help finding the right job? We can recommend jobs specifically for you! California applicants, please to view our Privacy Policy and to view our Privacy Notice. Software Powered by iCIMS

START NEW SEARCH