Responsibilities
- Respond to security threats, incidents and investigations to protect customers, employees and enterprise data in a fast, efficient and standardised manner
- Conduct security analysis and forensics
- Respond to high-priority alerts
- Contribute to automations and agentic capabilities
- Respond to incidents as part of a distributed 24x7 operations and on-call schedule
- Triage and respond to security events and alerts, ensuring quick and effective containment
- Contribute to security investigations, conducting analysis and forensics across a range of data sources to determine the timeline and impact of security events
- Build automations, including leveraging AI and agentic platforms, to deliver autonomous capabilities, expedite your work and scale the impact of the team
Requirements
- Bachelor's Degree AND 4+ years of experience in Incident Response work OR Master's Degree AND 2+ years of experience
- Strong cloud security background in at least 1 of AWS, GCP or Azure, and working knowledge of the others
- Knowledge of AI/LLM and agentic capabilities, including effective prompting and use of MCP, agents and agent skills
- Broad security subject matter expertise
- Expertise in a few core IR skills (DFIR, Reverse Engineering, Traditional Network Security, Storage and access security, Sandboxing, Compute security, etc.)
- Experience with Enterprise Security and SaaS applications
- Working knowledge of a SIEM and SOAR
- Experience building Incident Response tooling, and scripting language skills
Nice to Have
- Experience building and operating agentic systems in a security setting is preferred
Work Arrangement
Remote (Worldwide)
Additional Information
- Communicate technical decisions through design docs and tech talks
- Mentor junior security responders via security guidance, design reviews and code reviews
- Compliance: Employer may decline to proceed with an applicant if access to export-controlled technology or source code requires a U.S. government license