Senior Incident Response Engineer (Remote)

Marketing Statement:

Tokio Marine North America Services (TMNAS) provides professional support services to Tokio Marine Group companies in the United States, including Tokio Marine America, First Insurance Company of Hawaii, and Philadelphia Insurance Companies. Customer service is our focus and our passion! Tokio Marine North America Services adds value in all that we do, providing the best professional service to our business partners, allowing them to achieve their goals. Our talented team delivers actuarial, audit, corporate communications, financial and investment, human capital services, information technology, legal, and payroll expertise to our customers.

Job Summary:

As the Senior Incident Response/Operations Engineer under the Global Fusion Center US Operations, you will handle day-to-day maintenance of security infrastructure in addition to proactive threat hunting and incident response.  Your role will be key in the development, installation, configuration, and continuous improvement of the global security operations service and be critical in the response to external and internal threats.  This position will require a blend of technical expertise, analytical skills, and effective communication abilities to ensure swift and efficient handling of security events.  You will also be expected to identify opportunities to automate and improve effectiveness of operations.

Essential Job Functions:

• Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution
• Monitor security systems and infrastructure to support best performance and reliability
• Implement and manage security tools and processes, to detect and mitigate threats
• Maintain robust security feeds and ensure data integrity
• Proactively look for threats working with level one analysts, affected teams and security vendors.
• Author threat detection rules and subsequent SOAR playbooks
• Refine operational metrics, key performance indicators, and service level objectives to measure Security Operations and Incident Response services
• Identify and implement security process automation, continuously improving processes and tools.
• Be a technical subject matter expert for Security Operations and incident Response services.
• Provide expertise to partnered security teams in mitigation of those threats
• Communicate complex technical information clearly and concisely to both technical and non-technical audiences
• Collaborate with partner security teams to offer guidance and bolster support of the organization’s security infrastructure
• Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
• Influence and align the team’s vision and strategy
• Mentor, train, and support the development of incident response team members
• Lead incident response efforts and provide technical expertise to drive continuous improvement within the team

Qualifications:

• 8 or more years of experience in an operational cybersecurity role
• 3 or more years of hands-on incident response experience
• Experience developing and delivering on incident and program status for leadership
• Experience in threat hunting including leveraging intelligence data to proactively find and iteratively investigate suspicious behavior across networks and systems
• Experience analyzing network and host-based security events
• Proficient System Administration with either Microsoft Windows or Linux
• Proficient with CLI shells such as PowerShell or bash
• Proficient with Security Log infrastructure configuration such as Windows Event Forwarding (WEF) or syslog
• Proficient in an interpreted language such as Python, Perl, or Ruby
• Familiarity with regular expressions
• Familiarity with Large Language Models tools such as Ollama
• Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
• Knowledge of networking technologies, specifically TCP/IP and the related protocols
• Understanding of networks, operating systems, and architecture and how they affect the security posture of a company
• Strong problem-solving aptitude
• Demonstrated ownership of projects or tasks
• Strong verbal and written communication skills
• Demonstrated professionalism and a calm demeanor while dealing with complex or high-urgency situations
• Fluency in Spanish, Portuguese, Japanese, French or Arabic a plus

Salary range $125,000 to $165,000. Ultimate salary offered will be based on factors such as applicant experience and geographic location. Our company offers a competitive benefits package and bonus eligibility on top of base.

EEO Statement:

Tokio Marine Group of Companies (including, but not limited to the Philadelphia Insurance Companies, Tokio Marine America, Inc., TMNA Services, LLC, TM Claims Service, Inc. and First Insurance Company of Hawaii, Ltd.) is an Equal Opportunity Employer. In order to remain competitive we must attract, develop, motivate, and retain the most qualified employees regardless of age, color, race, religion, gender, disability, national or ethnic origin, family circumstances, life experiences, marital status, military status,  sexual orientation and/or any other status protected by law.