Ampere - Information Security Engineer - Incident Management

Recognized by Fast Companys 2023 100 Best Workplaces for Innovators List, Ampere is a semiconductor design company for a new era, leading the future of computing with an innovative approach to CPU design focused on high-performance, energy efficient, sustainable cloud computing.

By providing a new level of predictable performance, efficiency, and sustainability Ampere is working with leading cloud suppliers and a growing partner ecosystem to deliver cloud instances, servers and embedded/edge products that can handle the compute demands of today and tomorrow.

Join us at Ampere and work alongside a passionate and growing team wed love to have you apply!

About the Role :

We are seeking a highly skilled and experienced Information Security Engineer with deep expertise in forensics and incident response to join our global cybersecurity team.

The ideal candidate will hold a GIAC Certified Forensic Analyst (GCFA) certification and have a proven track record in handling advanced security incidents, performing digital forensics, and conducting malware reverse engineering.

This role will serve as a technical lead for complex security incidents, threat hunting activities, and post-incident investigations.

You will work in close collaboration with threat intelligence, SOC Tier 1 and 2 teams, IT, legal, and compliance departments to protect and defend the organization from advanced threats.

What youll achieve :

- Lead high-severity security incident investigations and coordinate response efforts across internal stakeholders.

- Perform endpoint, network, and cloud-based forensics to determine root cause, scope, and impact of cyber incidents.

- Conduct reverse engineering of malware and other threat artifacts to understand tactics, techniques, and procedures (TTPs).

- Develop and improve SOAR capabilities in forensics and reporting.

- Develop and improve incident response playbooks and standard operating procedures.

- Collaborate with Tier 1 and Tier 2 SOC analysts to provide mentorship and technical guidance.

- Perform proactive threat hunting using data analytics and intelligence.

- Liaise with legal, compliance, and HR teams during internal investigations as required.

- Participate in red/blue/purple team exercises to improve detection and response capabilities.

- Work with global counterparts to provide 24/7 incident handling coverage and continuous improvement of SOC operations.

- Assist with evidence collection and reporting in line with legal and regulatory requirements.

About You :

- Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience).

- Preferred Forensic focus.

- Minimum 5 years of hands-on experience in cybersecurity, with at least 3 years in forensics and incident response.

- GIAC Reverse Engineering Malware (GREM) certification

- Proven experience leading security investigations and managing incident response workflows.

- Strong knowledge of SIEM, EDR, forensic tools (e.g., EnCase, FTK, Volatility), and malware analysis platforms.

- Deep understanding of the MITRE ATT&CK framework and threat actor behaviors.

- Experience in reverse engineering malware using tools like IDA Pro, Ghidra, or similar.

- Familiarity with cloud platforms (AWS, Azure, GCP) and incident response in hybrid environments.

- Additional certifications such as GCFE, GCIA. GNFA, GBFA, GCIH

- Experience in scripting or automation using Python, PowerShell, or Bash.

- Prior experience in a global or multinational enterprise SOC.

- Ability to work independently under pressure and communicate effectively with technical and non-technical audiences.

- Ability to follow investigations to root cause and closure