
Lead Security Incident Response Engineer - PCC

Connection
medical insurance, paid time off, sick time, 401(k)
United States, Illinois, Schaumburg
915 National Parkway
Jan 16, 2025
Elegant solutions to sophisticated problems. That’s what you deliver. Surround yourself with the team, resources, and support you need to design and build world-class IT solutions.

Schaumburg, IL


CONNECTION

At Connection, our purpose is simple: we connect people with technology. From hardware—PCs, printers, servers, and more—to cutting-edge cloud, cybersecurity, and professional IT services, we design, build, and support the IT solutions that thousands of companies, schools, and government agencies rely on every day. We like to think of ourselves as the IT Department for our customers’ IT Department. Our company started out almost 40 years ago with two employees and a phone line. Today we’re a Fortune 1000 IT solutions partner operating in 174 countries around the world—still driven by that startup mentality and guided by our original purpose.


https://www.connection.com/


Full Time

$117,692.00/Yr. - $153,000.00/Yr.

Overview

What We Do:

We calm the confusion of IT by guiding the connection between people and technology. If a customer is looking for a better way to manage their warehouse inventory, equip their workforce, or secure their data, we make it happen. All it takes is finding the right combination of tech hardware, software, cloud solutions, and support services. That’s what we do. We’re the IT Department’s IT Department.

Who We Are:

Our team is made stronger by a multitude of backgrounds, experiences, and perspectives. It’s what makes Connection unique—what drives us to innovate and create technology solutions that stand apart from the crowd. We’d love for you to be a part of that fabric, to share your ideas and experiences with a team that thrives on fresh thinking, creativity, and helping others.

Why You Should Join Us:

You’ll find supportive teammates and a rewarding career at Connection—plus great benefits. We take pride in supporting employees with a total rewards package that provides financial, emotional, and physical resources for you and your family. Our compensation, 401k plans, medical insurance, and other benefits are progressive and competitive. We value the importance of our employees’ emotional well-being. To support employees, we provide free therapy visits, mental health coaching and tools, and meditation resources. You’ll also enjoy a generous paid time off package that includes not only vacation and sick time, but also Wellness and Volunteer Time Off days.

The Lead Security Incident Response Engineer is responsible for incident response and management, monitoring and alert handling, security operations management, threat intelligence and mitigation, policy and compliance management, as well as training and mentoring junior engineers.


Responsibilities

Incident Response, Management, and Coordination:



  • Leads investigations of security breaches, attacks, or incidents.
  • Coordinates with internal and external teams to mitigate ongoing attacks.
  • Oversees post-incident review sessions with clients and recommends corrective actions.
  • Develops and executes incident response plans ensuring appropriate stakeholders are informed and involved.
  • Maintains communication with defined key stakeholders during an active incident.



Monitoring and Alert Handling:


  • Works with SOC teams to develop and fine-tune Security Information and Event Management (SIEM) systems for monitoring client networks.
  • Analyzes alerts from firewalls, intrusion detection systems (IDS), and other tools as needed.
  • Prioritizes alerts and determines severity, providing actionable recommendations to security teams.
  • Stays updated on emerging threats, vulnerabilities, and attack techniques in order to integrate them into the team's detection and response strategies.



Security Operations Management:



  • Assigns tasks, prioritizes incidents, and leads the team's response during threat analysis and incident handling.
  • Ensures compliance with operational procedures and service level agreements (SLAs).
  • Collaborates with the SOC (Security Operations Center) to address potential risks and vulnerabilities.
  • Provides guidance and technical direction during active security incidents.
  • Conducts post-incident team meetings to review lessons learned and increase the team's effectiveness.



Threat Intelligence and Mitigation:


  • Stays updated on emerging threats, vulnerabilities, and attack vectors.
  • Works with SOC teams to ensure accurate detection and response strategies are in place.
  • Conducts vulnerability assessments and recommends patches or mitigation strategies.
  • Coordinates penetration tests and red team exercises to assess security posture.



Policy and Compliance Management:


  • Ensures compliance with relevant standards (e.g., ISO 27001, NIST, GDPR, SOC 2, HIPAA).
  • Implements and enforces security policies, procedures, and governance frameworks.
  • Collaborates with audit and compliance teams to prepare reports.



Training and Development:



  • Mentors junior engineers and analysts and provides guidance on security best practices.
  • Conducts security awareness training for technical and non-technical staff.
  • Facilitates tabletop exercises and incident response drills for the organization.



Collaboration Across Teams:


  • Works closely with IT, DevOps, network, and business teams to align security efforts.
  • Coordinates with third-party vendors and/or regulatory bodies as needed.
  • Acts as a point of contact for escalations regarding.



Requirements:

  • Proficiency in security tools such as SIEMs, firewalls, IDS/IPS, endpoint detection and response (EDR), and vulnerability management tools.
  • Strong leadership and team management skills to coordinate efforts across internal and external security teams.
  • Ability to translate complex technical security findings into business-level reports and communicate with both technical and non-technical stakeholders.
  • Analytical mindset for diagnosing issues and quickly addressing security incidents.
  • Familiarity with frameworks such as NIST, CIS Controls, ISO 27001, and regulatory requirements.
  • Experience working as a mentor of a team.
  • CISSP, CEH, CCSP, GIAC certifications (e.g., GCIH), or other vendor-specific security certifications preferred.
