Principal Incident Responder at Gen – USA – Arizona, Tempe

About Gen:

Gen is a global company that drives digital freedom through consumer brands including Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner. Our shared heritage is rooted in keeping the first digital generations safe. We provide leading cybersecurity, privacy and identity protection technology solutions to over 500 million users across 150 countries, empowering them to live their digital lives safely, privately and confidently, today and for generations to come. We’re always looking for bright, fearless and dedicated people. Together, we have a collective passion and a grand vision to drive digital freedom by protecting consumers and giving them control over their digital lives.

Gen has a dynamic, supportive culture with core values ​​that celebrate diversity, foster teamwork, and encourage every team member to contribute and grow. Join us!

About the role:

Chief Incident Responder – Lead for US Time Zone

Location – The position is a hybrid position, meaning the individual must live within commuting distance of our Tempe/Plano offices and be in the office 2-3 times per week.

As a member of the Security Operations subdivision, the Incident Response Team detects, manages, and remediates security incidents at Gendigital. Incident Response Team (IR) members are the firefighters of Gendigital’s security department. The IR team works to create and maintain a safe and secure operating environment for the organization and its customers and responds to active security incidents. As an Incident Responder on the IR team, you will build and maintain the tools we use to detect and respond to emerging threats in efficient and scalable ways, respond to and ensure remediation of security incidents, and develop and implement preventative security measures for the Gen organization and Gendigital.com and its subsidiaries. Successful Incident Responders thrive in high-stress environments and are able to think like both an attacker and a defender, collaborate with and mentor junior team members, and help devise proactive and preventative security measures to keep Gen and its users’ data safe in an ever-changing threat landscape.

What you will do in this role:

• Detect and respond to security incidents across the enterprise, coordinating cross-functional teams to contain and eradicate threats.
• Monitor and analyze emerging threats, vulnerabilities, and exploits.
• Develop and implement scalable preventive security measures (detection, monitoring, exploitation)
• Integrate current trends, advice, publications and academic research in the field of security.
• Communicate risks and measures to multiple target groups.
• Ability to use Splunk, TheHive/Cortex and other security automation tools.
• Experience in designing and implementing processes and tools to improve incident handling and resolution.
• Technical knowledge of systems in a multi-tenant, multi-cloud environment
• Ability to communicate via a text-based medium (Teams, email) and concisely document technical details.
• Willingness to be part of the Security Operations On-Call rotation.
• Share our values ​​and work in accordance with those values.
• Expands the responsibilities of the incident responder, plus:
• Collaborate with other teams within and outside of security on broad security topics.
• Detect and respond to security incidents independently across the organization.
• Conduct proactive threat research based on threat intelligence.
• Independently perform forensic analysis of infected hosts.
• Analyze network traffic and identify attacker activity.
• Guide other Incident Response Team members
• Build and maintain scalable logging and analysis platforms and tools.
• Perform root cause analysis (RCA) and incident reviews.

Requirements for Sr. Incident Responder

• 5+ years of proven experience in web or cloud security engineering, log aggregation and/or penetration testing.
• Minimum 2 years of experience in incident response.
• Excellent written and oral communication skills.
• In-depth technical knowledge of systems in a multi-tenant, cloud environment
• In-depth knowledge of the Linux operating system and common OS monitoring practices
• Ability to build working relationships with key stakeholders.
• Willingness to be part of the Security Operations On-Call rotation.
• Experience with operating system internals and hardening, web application and browser security, and intrusion monitoring and detection

#LI-AM1

Gen is proud to be an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive and accessible environment for all employees. All employment decisions are based on merit, experience and business need, without regard to race, color, national origin, age, religion, sex, pregnancy (including childbirth or related medical conditions), genetic information, disability (physical or mental), medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or any other consideration unlawful by federal, state or local law. Gen strictly prohibits unlawful discrimination based on such protected characteristics and strives to recruit the most talented candidates from diverse cultures and backgrounds.

We also consider individuals who are eligible for employment and who have a criminal record. In addition, we will not discharge or otherwise discriminate against employees or applicants because they have asked, discussed, or disclosed their own salary or the salary of another employee or applicant. Learn more about salary transparency.

Gen complies with all anti-discrimination laws.

To comply with U.S. export control regulations, the applicant must qualify for the required U.S. government licenses.