Sr. Security Engineer

We are seeking an experienced Incident Response (IR) Lead with 5 to 7 years of hands-on experience in cybersecurity operations, incident handling, and threat management. The ideal candidate will be responsible for leading security incident investigations, coordinating response efforts, and enhancing the organization s cyber resilience. This role requires a deep understanding of security technologies, attack techniques, and frameworks such as NIST, MITRE ATTCK, and ISO 27001.

• Lead the end-to-end incident response lifecycle, including detection, containment, eradication, and recovery.
• Analyze and investigate security alerts, correlating logs and threat intelligence to assess impact.
• Conduct forensic analysis on compromised systems and networks to determine the root cause.
• Collaborate with cross-functional teams to contain and mitigate security incidents.
• Develop detailed post-incident reports (PIRs) and lead incident debrief sessions.

• Utilize threat intelligence feeds, MITRE ATTCK, and SIEM correlation rules to proactively identify threats.
• Conduct threat-hunting exercises to detect anomalies and suspicious activities.
• Maintain awareness of the latest TTPs (Tactics, Techniques, and Procedures) used by threat actors.

• Work closely with SOC analysts to enhance detection and response capabilities.
• Implement automation and SOAR playbooks to improve response time and reduce manual efforts.
• Fine-tune SIEM detection rules, alerts, and logging mechanisms to reduce false positives.

• Ensure compliance with industry standards and regulatory requirements (NIST, ISO 27001, GDPR, etc.).
• Assist in audit and compliance efforts related to security incident management.
• Prepare executive-level reports on IR metrics, trends, and response effectiveness.

• 5 to 7 years of experience in Incident Response, Security Operations (SOC), or Threat Intelligence.
• Strong knowledge of EDR, SIEM (Splunk, Microsoft Sentinel, or similar), SOAR, IDS/IPS, and forensic tools.
• Hands-on experience with malware analysis, digital forensics, and reverse engineering.
• Familiarity with frameworks like MITRE ATTCK, NIST CSF, CIS Controls, and ISO 27001.
• Proficiency in log analysis, network security monitoring, and packet analysis (Wireshark, Zeek, etc.).
• Strong scripting skills in Python, PowerShell, or Bash for automation and threat hunting.
• Excellent communication skills to interact with stakeholders, executives, and technical teams.
• Security certifications such as GCFA, GCIH, CISM, CISSP, or CEH are preferred.

• Experience in cloud security (Azure, AWS, GCP) incident response.
• Exposure to Red Team / Blue Team methodologies.
• Knowledge of MITRE D3FEND and adversary emulation techniques.

• Opportunity to lead high-impact security investigations in a dynamic environment.
• Work with a team of skilled cybersecurity professionals.
• Competitive compensation and growth opportunities in cybersecurity leadership.

Our Values

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like oursFind out here: Core Values

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.