Job Description

Ensign is hiring !

Key Responsibilities:

• Monitor security alerts, logs, and intelligence feeds to detect and respond to cybersecurity threats in real-time.

• Triage, analyze, and respond to security incidents, including malware infections, phishing attacks, insider threats, and data breaches.

• Conduct root cause analysis and forensic investigation to determine the scope and impact of incidents.

• Document incident timelines, actions taken, and remediation steps in detailed reports.

• Collaborate with IT, infrastructure, and application teams to contain and remediate threats.

• Maintain and improve incident response playbooks and standard operating procedures (SOPs).

• Participate in post-incident reviews to identify gaps and recommend improvements.

• Assist with threat hunting activities and continuous improvement of detection capabilities.

• Stay current on emerging threats, vulnerabilities, and best practices in incident response.
   

Required Skills & Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.

• 3–5 years of experience in incident response, SOC operations, or a related cybersecurity role.

• Hands-on experience with SIEM tools (e.g., Splunk, QRadar, ArcSight), EDR solutions, and threat intelligence platforms.

• Knowledge of Windows, Linux, and network security fundamentals.

• Familiarity with MITRE ATT&CK framework and TTP analysis.

• Strong analytical and problem-solving skills, with the ability to work under pressure.

Job Requirements