Senior Security Engineer, Security Incident Response Team (SIRT)
New
Romania, 24/7 global incident response rotationFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Required Skills
- AWSPythonGCP
Requirements
- Significant experience in security incident response, digital forensics, and investigations within cloud-first environments.
- Hands-on expertise with AWS and/or Google Cloud Platform security operations and incident handling.
- Strong experience with SIEM platforms, EDR solutions, and detection engineering practices.
- Solid understanding of threat intelligence frameworks and adversary techniques, including familiarity with MITRE ATT&CK.
- Experience developing automation solutions using scripting languages such as Python or leveraging SOAR platforms.
- Interest or practical experience in applying AI, machine learning, or data-driven methodologies to security operations.
- Strong analytical and problem-solving skills, with the ability to perform effectively during high-pressure incidents.
- Experience using Git-based platforms within engineering or security environments.
- Excellent written and verbal communication skills, with the ability to produce clear documentation and executive-level updates.
- Demonstrated growth mindset, proactive approach to risk reduction, and commitment to continuous improvement.
- Ability to participate in a rotating on-call schedule supporting a global, 24/7 incident response function.
Responsibilities
- Lead end-to-end response activities for high-severity security incidents, from detection and triage through containment, eradication, and recovery.
- Investigate complex cybersecurity events across cloud environments using advanced Digital Forensics and Incident Response (DFIR) methodologies.
- Coordinate incident communications and provide clear updates to technical and executive stakeholders during critical events.
- Design and improve detection strategies, including SIEM use cases, telemetry pipelines, and alerting mechanisms in collaboration with engineering teams.
- Develop and enhance automation initiatives and AI-assisted workflows to accelerate investigations and improve response consistency.
- Partner with threat intelligence teams to contextualize emerging threats and strengthen detection coverage.
- Conduct root cause analyses and lead post-incident reviews to identify improvements and reduce future risks.
- Create and maintain operational documentation, including runbooks, playbooks, and incident response procedures.
- Collaborate with cross-functional stakeholders on proactive security initiatives, tabletop exercises, and resilience programs.
- Mentor team members and contribute to the continuous maturity and scalability of incident response operations.
View Full Description & ApplyYou'll be redirected to the employer's site