Incident Response & Security Operations Engineer
Magnet Forensics
1d•Hybrid
About The Position
This isnât just another security operations role. As the Incident Response & Security Operations Engineer, you will play a critical role in protecting Magnet Forensics by leading security incident response efforts, strengthening operational security practices, and ensuring that detection and response functions work effectively at scale. You will serve as the central authority during security incidents, coordinating response activities across Information Security, IT, Business Systems, and thirdâparty security providers. Your work will directly influence how quickly and effectively the organization identifies threats, responds to incidents, and reduces operational risk. This role blends incident leadership, security operations judgment, and continuous improvement. Youâll be empowered to make decisions, improve processes, and ensure security operations remain resilient as the organization grows.
Requirements
- Bachelorâs degree in Cybersecurity, Computer Science, Information Technology, or equivalent practical experience
- Demonstrated experience leading or coordinating security incident response efforts
- Experience working in a coâmanaged SOC or managed detection and response environment
- Broad security operations experience across endpoint, email, identity, vulnerability management, SaaS, and cloud environments
- Strong judgment in assessing alert severity, business impact, and escalation needs
- Ability to operate effectively with incomplete or ambiguous information
- Strong written communication skills, including incident summaries and RCA documentation
- Proven ability to coordinate across multiple teams during operational events
- Processâoriented mindset with a focus on continuous improvement
Nice To Haves
- Experience supporting or participating in digital investigations or forensic workflows
- Familiarity with Magnet Forensics Axiom or similar digital forensic platforms
- Experience with tools such as Microsoft Defender, Proofpoint, Tenable, Jira, and related security platforms
- Experience supporting compliance or audit activities related to incident response
- Participation in tabletop exercises or incident readiness programs
- Experience mentoring or guiding analysts during incident response
- CISSP or CISM
- Microsoft Cybersecurity Architect Expert, or Azure Solutions Expert
- GCIH, GCED, or GCFA
- GCFA, GCFE, GNFA, or GCIA
- Digital forensics or incident response certifications aligned to enterprise environments
- Relevant vendor or platformâspecific certifications
Responsibilities
- Lead security incidents from initial triage through containment, remediation, recovery, and closure
- Assess alert severity, scope, and business impact to determine appropriate response actions
- Coordinate response efforts across IT, Business Systems, Compliance, Legal, and other stakeholders as needed
- Lead incident bridges and response coordination during active events
- Ensure incidents conclude with clear outcomes, documentation, and followâthrough
- Availability to respond and investigate incidents as part of the 365/24/7 SOC/NOC
- Own the operational relationship with managed detection and response providers
- Review and validate alert quality, relevance, and escalation decisions
- Ensure thirdâparty security services align with Magnetâs risk tolerance and operational needs
- Drive improvements in alert routing, escalation paths, response workflows, and automation
- Act as the internal authority on what constitutes actionable security signal
- Ensure vulnerability management and detection processes reduce exposure windows and support timely remediation
- Improve visibility into vulnerability trends and patching progress over time
- Identify and resolve operational bottlenecks that slow remediation or response efforts
- Partner with IT teams to improve workflows, ownership, and accountability
- Learn and utilize Magnet Forensics Axiom as part of incident investigation and response activities
- Support investigations involving computer, mobile device, and cloud data using a unified forensic platform
- Apply Axiom workflows to interrogate and analyze digital evidence during security incidents
- Leverage Magnet Axiom microlearning to build practical, realâworld forensic capability
- Ensure investigative findings support incident understanding, decisionâmaking, and documentation
- Serve as the escalation point for security tooling vendors when issues impact response timelines or risk reduction
- Hold vendors accountable to operational expectations and support commitments
- Evaluate tooling effectiveness from an operational and riskâreduction perspective
- Ensure security tools integrate cleanly into existing workflows
- Produce clear incident documentation including root cause, impact, response actions, and lessons learned
- Lead postâincident reviews and ensure corrective actions are tracked and implemented
- Identify recurring incident patterns and drive longâterm improvements to reduce repeat issues
- Act as the primary security point of contact during incidents for IT and Business Systems teams
- Communicate clearly and calmly during highâpressure situations
- Translate technical security findings into businessârelevant risk and impact
- Support readiness activities such as tabletop exercises and response testing
Benefits
- Generous time off policies
- Competitive compensation
- Volunteer opportunities
- Reward and recognition programs
- Employee committees & resource groups
- Healthcare and retirement benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
