Incident Handler, Detection & Response Services
Rapid7
AWSAzureCloudCyber SecurityGoogle Cloud PlatformLinuxMacOSPython
Engineer II – Cyber Incident Response
Recruiting.com
full-time
Posted on:
Location Type: Remote
Location: Remote • Pennsylvania • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
Cyber SecuritySplunk
About the role
- Investigate and respond to cybersecurity incidents, including phishing, malware, ransomware, and unauthorized access attempts
- Perform analysis of logs, alerts, and forensic data to determine the scope and impact of incidents
- Escalate complex or high-severity incidents to Engineer III, Lead, or Principal staff, providing clear documentation and evidence
- Assist in containment, eradication, and recovery activities during incident response
- Contribute to the development and maintenance of SOC playbooks, runbooks, and standard operating procedures
- Collaborate with threat intelligence, vulnerability management, and forensics teams to strengthen detection and response strategies
- Participate in lessons-learned sessions and recommend improvements to SOC processes and tooling
- Support junior analysts (Engineer I) by sharing knowledge and providing guidance on investigative techniques
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience
- 3–5 years of progressive experience in cybersecurity, with at least 2 years in SOC operations or incident response
- Strong knowledge of cybersecurity fundamentals, incident response methodology, and adversary tactics
- Familiarity with industry frameworks such as NIST, MITRE ATT&CK, and ISO 27035
- Hands-on experience with SIEM, EDR, and forensic tools (e.g., Splunk, CrowdStrike, Wireshark)
- Demonstrated ability to analyze logs, alerts, and artifacts to support incident investigations
- Strong written and verbal communication skills for documenting findings and briefing stakeholders
- Preferred Certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), CompTIA Security+, CySA+, Certified Ethical Hacker (CEH)
Benefits
- Health insurance
- Dental and vision care
- Comprehensive suite of benefits focusing on physical, emotional, financial, and social wellness
- Support for working families including backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave
- Training programs and professional development opportunities
- Mentorship programs
- Employee resource groups
- Volunteer activities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity fundamentalsincident response methodologyadversary tacticslog analysisalert analysisforensic data analysisincident containmentincident eradicationincident recoverySOC operations
Soft skills
communication skillsdocumentation skillscollaborationmentoringproblem-solving
Certifications
GIAC Certified Incident Handler (GCIH)GIAC Certified Intrusion Analyst (GCIA)CompTIA Security+CySA+Certified Ethical Hacker (CEH)
