JOB REQUIREMENTS: At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. At Northwestern Mutual, we believe relationships are built on trust. That our lives and our work matter. These beliefs launched our company nearly 160 years ago. Today, they\'re just a few of the reasons why people choose to build careers at Northwestern Mutual! We\'re strong and growing. In a company with such a long and storied history, this may be the most exciting and important time to be a part of Northwestern Mutual. We\'re strong, innovative, and growing We invest in our people. We provide opportunities for employees to grow themselves, their career, and in turn, our business. This is a hybrid position at either our Milwaukee office or our New York City office. ( The Milwaukee office requires onsite M, T, and W or in our NYC office on Thursday plus 1 other day.) What\'s the role? As a DFIR Engineer on the Threat Detection & Response team, your role will include responding to, investigating and containing anomalous or malicious activity that could indicate a security threat. You\'ll be responsible for staying up to date on the latest cybersecurity threats and assisting in the continual development and refinement related to monitoring, detecting and responding to abnormal network and host activity. Responsibilities: Triage, pivot and correlate across multiple network and host-based log sources. Analyze system artifacts and memory for evidence of compromise. Proactively hunt for and identify malicious activity in various log sources using threat intelligence and other indicators of compromise. Document detailed findings including timelines of events or incidents Continually improve incident response procedures and documentation. Engage with Detection Engineering and Red Team to identify opportunities to better monitor/detect suspicious behavior and automate response capabilities. Keep up to date on evolving cyber threats and identify methods to detect them. Participate in an on-call rotation with other Incident Response Engineers Desirable Skills: Experience with security tools including SIEM, EDR, AV, CASB, Next-gen Firewalls, and VPN. Experience with system and network artifacts. Working knowledge of the MITRE ATT&CK framework. Familiarity with various cloud environments and containerization technologies (AWS, Azure, O365, Docker, Kubernetes). Functional and practical experience with at least one development or scripting language/framework (e.g. PowerShell, Python, .Net) and regular expressions. Minimum Qualifications: Bachelor\'s Degree in Information Security, Computer Science, or equivalent combination of education, training, and experience. Two or more years in an Incident Response or Security Operations Center (SOC) role. Background in... For full info follow application link. EEO/AA Employer/Vets/Disability ***** APPLICATION INSTRUCTIONS: Apply Online: ipc.us/t/E27B1EB4EDFA4649 Qualified females, minorities, and special disabled veterans and other veterans are encouraged to apply.