We are seeking a highly technical Incident Response Engineer to join a security team focused on real-world threat detection, triage, and response.
This is a hands‑on role for someone who enjoys working directly with alerts, logs, and incidents, rather than purely strategic or managerial work.
What you’ll do:
* Triage and investigate security alerts and incidents
* Develop and improve detection logic and response workflows
* Write Python scripts for automation, enrichment, and response
* Analyze logs from endpoints, networks, and cloud environments
* Support incident response activities across AWS‑based systems
* Perform root‑cause analysis on security events
* Collaborate with SOC and detection‑focused engineers
* Improve playbooks, tooling, and response processes
What we’re looking for:
* Strong experience in incident response, SOC, or security engineering
* Hands‑on experience with triage, investigations, and detection
* Solid Python scripting and automation skills
* Experience working with AWS environments and cloud security signals
* Familiarity with SIEM workflows and alert pipelines
* Strong analytical and problem‑solving skills
Nice to have:
* Threat hunting experience
* Detection engineering or rule development
* Experience with SOAR or response automation
* Knowledge of attacker techniques (MITRE ATT&CK)
* Experience working in cloud‑native or SaaS environments