Sr Cybersecurity Engineer - Incident Response

About The Position

Requirements

• Deep understanding of networking fundamentals, including TCP/IP, the OSI model, subnetting, routing and switching, load balancing concepts, and both local and wide area networking protocols.
• Experience configuring and triaging multiple host and server operating systems (Windows, macOS and Linux)
• Strong proficiency with application-layer protocols such as HTTP, SSH, SSL/TLS, and DNS, and how they impact security architecture and operations.
• Advanced expertise in infrastructure design, management, and securing enterprise environments across servers, clients, users, networks, and data storage platforms.
• Extensive cloud security knowledge, including hands-on experience securing deployments in Microsoft Azure, AWS, and Google Cloud Platform, as well as containerized and Kubernetes-based environments, managed PaaS services, Agile, and DevOps ecosystems.
• Demonstrated ability to manage infrastructure and security controls through CI/CD pipelines and automated workflows, including scripting and automation using languages such as Python, Go, and JavaScript.
• Strong understanding of IT Service Management (ITSM) best practices, project management methodologies, and experience using UML design tools to document and communicate system designs.
• Familiarity with IR specific frameworks "i.e. NIST Incident Response Lifecycle and/or MITRE ATT&CK Framework"
• Commitment to staying current on evolving security and privacy legislation, regulations, vulnerabilities, advisories, and emerging threats.
• Excellent analytical skills with the ability to apply structured analysis methods to identify trends, assess risk, and evaluate business impact from complex datasets.
• Strong communication and leadership skills, including technical writing, documentation (Visio and Microsoft Office tools), mentoring junior engineers, and collaborating effectively across technical and non-technical teams.
• Demonstrated ability to think strategically, solve problems creatively, and approach challenges with an open, innovative, and detail-oriented mindset while maintaining effective planning, time management, and delegation skills.
• 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
• 3-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
• High School Diploma or equivalent required
• Bachelor’s Degree in related field or equivalent work experience strongly preferred

Nice To Haves

• Experience in hands‑on alert triage, ongoing monitoring, and investigation is a plus
• One or more security and cloud related certifications, such as CISSP, CCNP-Security, GIAC, CEH, or CPTS, AWS Certified DevOps Engineer - Professional, Microsoft Cybersecurity Architect, highly preferred

Responsibilities

• Design, develop, test, and deploy scalable detection logic across SIEM and cloud environments using mature IoC principles, detections‑as‑code practices, Git, and automated pipelines.
• Write, maintain, and review production‑quality code (Python, JavaScript, PowerShell, Bash) to support security detections, automation, custom tooling, and API integrations.
• Build, enhance, and maintain SOAR playbooks integrated with incident response and case management systems to enable enrichment, automation, and rapid response.
• Partner closely with SOC and Incident Response teams to understand workflow bottlenecks, serve as an escalation point for detection pipelines and tooling, and reduce time‑to‑resolution.
• Translate threat intelligence, post‑incident analysis, and tabletop exercise outcomes into actionable detections, automation, and security control improvements.
• Proactively evaluate emerging security technologies and capabilities, providing recommendations that strengthen protection of enterprise information assets.
• Collaborate with cybersecurity leadership to plan and execute initiatives that accelerate organizational security maturity and operational effectiveness.
• Support security governance efforts by maintaining procedures, standards, and technical documentation, and by participating in periodic risk assessments.

Benefits

• Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pays and nine company holidays.
• Competitive pay and bonus eligibility
• Flexible hybrid work environment, 4-days a week in office