SOC / Incident Response Engineer

CyberData Technologies, Herndon, VA (Hybrid)

About The Position

The SOC / Incident Response Engineer supports enterprise security monitoring, incident response, and threat detection across a hybrid IT environment, including on-premises infrastructure and cloud services. This role provides advanced security analysis, threat hunting, and detection engineering to strengthen organizational cybersecurity operations and continuous monitoring capabilities.

Requirements

  • Experience with enterprise security monitoring
  • Experience with incident response
  • Experience with threat detection
  • Experience in a hybrid IT environment (on-premises and cloud)
  • Advanced security analysis skills
  • Threat hunting skills
  • Detection engineering skills
  • Experience executing incident response processes
  • Familiarity with incident response plans, SOPs, playbooks, and analyst workflows
  • Experience developing and maintaining incident response SOPs, playbooks, workflows, and operational guidelines
  • Experience implementing and integrating new incident response and threat intelligence capabilities
  • Experience monitoring cloud-based Web Application Firewall (WAF) solutions
  • Experience protecting web applications from vulnerabilities, bot attacks, API abuse, and application-layer DDoS attacks
  • Experience recommending and implementing improvements to incident response policies, procedures, and operational processes
  • Experience researching emerging incident response technologies
  • Experience evaluating security tools
  • Experience recommending enhancements to improve incident response capabilities

Responsibilities

  • Execute incident response processes in accordance with established incident response plans, standard operating procedures (SOPs), playbooks, and analyst workflows.
  • Develop and maintain incident response SOPs, playbooks, workflows, and operational guidelines aligned with industry best practices and recognized cybersecurity frameworks.
  • Implement and integrate new incident response and threat intelligence capabilities with existing security tools and the organization's cybersecurity ecosystem.
  • Monitor cloud-based Web Application Firewall (WAF) solutions to protect web applications from vulnerabilities, bot attacks, API abuse, and application-layer Distributed Denial of Service (DDoS) attacks.
  • Recommend and implement improvements to incident response policies, procedures, and operational processes.
  • Research emerging incident response technologies, evaluate security tools, and recommend enhancements to improve incident response capabilities.
© 2026 Teal Labs, Inc