Incident Handler, Detection & Response Services
Rapid7
AWSAzureCloudCyber SecurityGoogle Cloud PlatformLinuxMacOSPython
Engineer III – Cyber Incident Response
Recruiting.com
full-time
Posted on:
Location Type: Remote
Location: Remote • Pennsylvania • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
CloudCyber SecuritySplunk
About the role
- Lead the investigation and resolution of complex security incidents, including advanced persistent threats, ransomware, phishing campaigns, and insider activities.
- Perform forensic analysis across endpoints, networks, and cloud environments to identify root causes and scope of compromise.
- Develop and enhance incident response playbooks, runbooks, and detection use cases.
- Collaborate with threat intelligence, vulnerability management, and countermeasures teams to strengthen defenses.
- Escalate high-severity incidents to senior leadership and provide clear, actionable reporting.
- Act as a technical escalation point for Engineer I/II analysts during incident investigations.
- Contribute to red team and purple team exercises to validate and improve response capabilities.
- Participate in after-action reviews and lessons-learned sessions to improve SOC processes.
- Mentor and train junior engineers on incident response best practices and investigative techniques.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience; Master’s degree preferred.
- Strong knowledge of incident response methodologies, digital forensics, and adversary tactics.
- Familiarity with security frameworks such as NIST, MITRE ATT&CK, and ISO 27035.
- 5–7 years of progressive experience in cybersecurity, with at least 3 years in incident response or SOC operations.
- Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, EnCase, Wireshark).
- Proven ability to investigate advanced threats and coordinate response activities across teams.
- Demonstrated success in mentoring junior analysts and improving SOC processes.
- Strong written and verbal communication skills with the ability to document and present technical findings clearly.
Benefits
- Comprehensive suite of benefits
- Medical care
- Dental care
- Vision care
- Backup dependent care
- Adoption assistance
- Infertility coverage
- Family building support
- Behavioral health solutions
- Paid parental leave
- Paid caregiver leave
- Training programs
- Professional development resources
- Mentorship programs
- Employee resource groups
- Volunteer activities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
incident response methodologiesdigital forensicsadversary tacticsforensic analysissecurity frameworksadvanced persistent threatsransomwarephishing campaignsSIEMEDR
Soft skills
mentoringcommunicationcollaborationproblem-solvingreportingtrainingleadershipinvestigative techniquesteam coordinationprocess improvement
Certifications
Bachelor’s degree in CybersecurityBachelor’s degree in Computer ScienceBachelor’s degree in Information TechnologyMaster’s degree in CybersecurityMaster’s degree in Computer ScienceMaster’s degree in Information Technology
