Senior Security Engineer - Incident Response

Prima Power

full-time

Posted on: 9/19/2025

Origin: • 🇮🇹 Italy

✨ AI Apply

Senior

AWSCloudKubernetesPythonRust

About the role

Strengthen EDR/XDR and DLP configurations.
Define new automatic detections of security events in the SIEM.
Improve automatic enrichment and integration with SIEM/SOAR.
Automate security alerts triage and Incident Response playbooks.
Define runbooks to be used during Incident Response.
Lead and execute Table Top eXercises (TTX) with different actors and teams.
Lead by example during investigation and response of security alerts.
Oversee the on-call shifts and guarantee 24x7 security support.
Collaborate on all the activities of the Security Engineering team and contribute across software, infrastructure, operations and security.

Hands-on experience with SIEM and SOAR platforms.
Hands-on experience with Crowdstrike or similar EDR/XDR solutions.
Hands-on experience with MDM solutions.
Hands-on experience in AWS and K8s (EKS) security.
Proficiency in scripting and programming languages (e.g., Python, Rust).
Availability for on-call shifts to guarantee 24x7 security support.
Strong English communication skills.
Self-motivated, proactive, strong problem-solving skills and accountability for deliverables.
Experience working in an Agile environment.
(Nice-to-have) Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar.
(Nice-to-have) Hands-on experience with Google Chronicle.
(Nice-to-have) Hands-on experience with Web Application Firewall configuration (e.g., Cloudflare).
(Nice-to-have) Proficiency using CI/CD systems and Infrastructure as Code (e.g., Python Pulumi).
(Nice-to-have) Knowledge of Cloud Control Frameworks (CIS, CSA, NIST).
(Nice-to-have) Web and mobile application security knowledge.
(Nice-to-have) Experience in security research, bug bounty programs or CTFs.