Lead or participate in computer security incident response activities for moderately complex events
Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
Review and correlate security logs
Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
Support incident response teams during security events, executing triage, investigation, containment, and recovery activities.
Support the Incident Commander by providing technical analysis, work management, and communications.
Utilize incident response tools (e.g., SIEM, SOAR, EDR, forensic utilities) to collect evidence and assess scope and impact.
Document incident timelines, actions taken, and technical findings.
Coordinate with SOC analysts, threat intelligence teams, platform owners, and business application partners as part of incident response efforts.
Escalate issues appropriately based on severity, risk, and business impact.
Communicate technical findings in clear, concise language to technical and non-technical stakeholders.
Assist in drafting incident summaries, after-action reports, and metrics for leadership review.
Contribute to the development, refinement, and maintenance of incident response playbooks, runbooks, and standard operating procedures.
Identify opportunities to streamline or automate recurring incident handling tasks.
Support lessons-learned activities and assist in driving corrective actions to reduce future risk.
Help maintain operational readiness across the enterprise by ensuring accurate documentation, consistent workflows, and alignment with incident management governance.
Use case management platforms, workflow tools, and alert pipelines to manage and track incident tasks.
Support improvements to detection and response capabilities by providing feedback to engineering and detection teams.
Assist in onboarding enhancements to incident management tooling, dashboards, and automation.

Requirements

4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Practical experience in incident response, SOC operations, log analysis, or threat detection.
Working knowledge of core IR technologies: SIEM, EDR, SOAR, ticketing/case management, and forensic tools.
Familiarity with common attack vectors, malware behavior, network security principles, and threat actor TTPs.
Understanding of incident response methodologies and frameworks such as NIST 800-61, MITRE ATT&CK, NIST CSF, or ISO standards.
Hands-on experience with cloud, endpoint, identity, or network security technologies.
Experience in highly regulated environments or large-scale enterprise operations.
Exposure to scripting or automation (Python, PowerShell, SOAR playbooks).
Relevant certifications (e.g., GCIH, GCIA, GCFE, Security+, CySA+, CEH)
Strong analytical and troubleshooting skills with the ability to investigate complex technical issues under time pressure.
Effective verbal and written communication skills, including ability to summarize technical concepts clearly.

Benefits

Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responsedigital forensicsrisk managementthreat identificationnetwork securitycloud securityendpoint securitylog analysisscriptingautomation

Soft Skills

analytical skillstroubleshooting skillscommunication skillscollaborationconsultingissue resolutiondocumentationstreamlining processestechnical analysisleadership

Certifications

GCIHGCIAGCFESecurity+CySA+CEH