Senior Security Engineer, Security Incident Response Team (SIRT)

New
Romania, 24/7 global incident response rotationFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Required Skills
AWSPythonGCP

Requirements

  • Significant experience in security incident response, digital forensics, and investigations within cloud-first environments.
  • Hands-on expertise with AWS and/or Google Cloud Platform security operations and incident handling.
  • Strong experience with SIEM platforms, EDR solutions, and detection engineering practices.
  • Solid understanding of threat intelligence frameworks and adversary techniques, including familiarity with MITRE ATT&CK.
  • Experience developing automation solutions using scripting languages such as Python or leveraging SOAR platforms.
  • Interest or practical experience in applying AI, machine learning, or data-driven methodologies to security operations.
  • Strong analytical and problem-solving skills, with the ability to perform effectively during high-pressure incidents.
  • Experience using Git-based platforms within engineering or security environments.
  • Excellent written and verbal communication skills, with the ability to produce clear documentation and executive-level updates.
  • Demonstrated growth mindset, proactive approach to risk reduction, and commitment to continuous improvement.
  • Ability to participate in a rotating on-call schedule supporting a global, 24/7 incident response function.

Responsibilities

  • Lead end-to-end response activities for high-severity security incidents, from detection and triage through containment, eradication, and recovery.
  • Investigate complex cybersecurity events across cloud environments using advanced Digital Forensics and Incident Response (DFIR) methodologies.
  • Coordinate incident communications and provide clear updates to technical and executive stakeholders during critical events.
  • Design and improve detection strategies, including SIEM use cases, telemetry pipelines, and alerting mechanisms in collaboration with engineering teams.
  • Develop and enhance automation initiatives and AI-assisted workflows to accelerate investigations and improve response consistency.
  • Partner with threat intelligence teams to contextualize emerging threats and strengthen detection coverage.
  • Conduct root cause analyses and lead post-incident reviews to identify improvements and reduce future risks.
  • Create and maintain operational documentation, including runbooks, playbooks, and incident response procedures.
  • Collaborate with cross-functional stakeholders on proactive security initiatives, tabletop exercises, and resilience programs.
  • Mentor team members and contribute to the continuous maturity and scalability of incident response operations.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now