Incident Response/InfoSec Engineer

Insight Global
Billerica, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 119K

Job location

Remote
Billerica, United States of America

Tech stack

Bash
Computer Security
Python
Network Security
Microsoft Security Essentials
PowerShell
Kusto Query Language
Security Information and Event Management
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Microsoft Power Automate
Software Security
Malware
Cyber Threat Analysis
Azure Security Center
Information Technology
Cybercrime
Microsoft Sentinel
Vulnerability Analysis

Job description

Insight Global is seeking an Incident Response/InfoSec Engineer for one of our Biotech clients in Billerica, MA. This role will be hybrid remote, working three (3) days onsite. This role will start as a six (6) month contract with potential extensions and the possibility of converting to a permanent position.

In this role you will join our client's growing organization and Information Security team and will work within the Security Operations team, reporting to the Director, IT Infrastructure and Security Operations. You will respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. You will work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to their systems. You should be prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications that support our client and their fast-growing business. We are seeking broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.

Additional Responsibilities Include:

  • As a SME, you will be responsible for leading incidents, investigations, and security initiatives
  • Act as a security multiplier to help scale security incident response
  • Prepare post-mortem reports of incidents and present findings to the broader team
  • Create and maintain runbooks to ensure smooth handling of all security incidents
  • Lead and participate in incident response tabletop exercises to validate and improve existing processes and procedures and train others on their roles and responsibilities during an incident
  • Monitor and analyze security logs, using KQL queries in Microsoft Sentinel, to identify potential security breaches
  • Build, refine, and maintain analytic rules, workbooks, hunting queries, and dashboards in Microsoft Sentinel to enhance detection and response capabilities
  • Automate incident response and enrichment processes using Logic Apps, automation rules, and playbooks in Sentinel
  • Assess vulnerabilities within the environment, conduct risk-based prioritization of vulnerabilities, and assist in remediation
  • Lead and coordinate responses to cyber threats, including incidents identified in Microsoft Defender for Endpoint

Requirements

5+ years of experience in Incident Response

  • Extensive experience with Microsoft Defender for endpoint protection and response
  • Experience with Microsoft Sentinel (SIEM/SOAR)
  • Experience with vulnerability management solutions
  • Experience with scripting tools (Python, PowerShell, Bash, KQL, etc.) for automation

Nice to Have Skills & Experience

  • Industry certifications (Microsoft Security, SANS, ISC2, etc.)
  • Experience in Biotech/Pharma industry

Benefits & conditions

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
