Senior Security Engineer, Security Incident Response Team (SIRT)
New
G
GitLabDevSecOps
Remote, EMEA, EMEA business hoursFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Required Skills
- AWSPythonGCP
Requirements
- Strong experience in security incident response and investigations in cloud-first environments.
- Hands-on experience with cloud platforms (AWS & GCP).
- Hands-on experience with SIEM, EDR, and/or detection engineering.
- Experience building or working with automation (e.g., Python, scripting, SOAR platforms).
- Experience using or administering Git/GitLab.
- Familiarity with threat intelligence and adversary tactics (e.g., MITRE ATT&CK).
- Interest or experience in applying AI/ML or data-driven techniques to security workflows.
- Strong analytical and problem-solving skills.
- Excellent written communication skills with a passion for clear, actionable documentation.
- Growth mindset with a proactive approach to identifying and mitigating security risks.
Responsibilities
- Lead and coordinate end-to-end incident response for high-severity security events.
- Investigate complex security incidents across cloud environments using DFIR methodologies.
- Partner with Signals Engineering to design and implement SIEM use cases, alerting strategies, and telemetry pipelines.
- Build and enhance automation and AI-assisted workflows to improve investigation speed and consistency.
- Conduct root cause analysis and lead post-incident reviews to drive continuous improvement.
- Develop and maintain runbooks, playbooks, and operational documentation.
- Collaborate cross-functionally across Engineering, Infrastructure, Legal, and Product teams.
- Mentor other engineers to elevate the team's incident response maturity.
View Full Description & ApplyYou'll be redirected to the employer's site