Motorola Solutions is seeking a battle-tested Incident Response Engineer to join our world-class security program.You will lead investigations for high-impact events and a proactive hunter tasked with reducing attacker dwell time.  In addition you will lead projects to create new and improve our security capabilities.

Codzienne zadania

• Core Focus: Incident Leadership & Response
• Lead High-Impact Incidents: Act as the primary Incident Response Lead (IRL) for complex security events, directing containment, eradication, and recovery.
• Advanced Digital Forensics: Perform deep-dive analysis (host, memory, network) to determine breach scope and impact.
• Root Cause & Remediation: Execute thorough Root Cause Analysis (RCA) and lead After-Action Reviews (AAR) to ensure every incident results in a permanent security improvement.
• Containment Strategy: Develop and deploy immediate strategies to isolate threats and minimize organizational damage.
• Detection, Analysis & Hunting
• Proactive Threat Hunting: Design and execute hunt missions to identify undetected malicious activity.
• Detection Engineering: Tune SIEM/EDR rules and develop high-fidelity detections based on Purple Team findings and emerging threat intel.
• Malware Analysis: Conduct static and dynamic analysis to understand adversary TTPs and extract actionable IOCs.
• SOC Escalation: Serve as the final technical authority for high-priority security anomalies.
• Strategy & Process Improvement
• Playbook Development: Create and refine IR plans, runbooks, and SOPs to automate repetitive tasks and increase efficiency.
• Security Architecture: Evaluate and tune security tools (SOAR, EDR, SIEM) to enhance global posture.
• Mentorship: Coach junior staff on advanced forensic techniques and investigative logic.

Must have

• Incident Response
• SIEM
• SOAR
• Mitre ATT&CK
• Cyber Kill Chain