Source Job

Europe

  • Respond to security incidents as part of a distributed 24x7 on-call schedule, triaging and containing events.
  • Conduct security investigations and forensics across data sources to determine event timelines and impact.
  • Build automations leveraging AI and agentic platforms to expedite incident response and scale team impact.

Cloud Security Incident Response SIEM Scripting

20 jobs similar to Sr Security Engineer, Incident Response

Jobs ranked by similarity.

$135,481–$182,160/yr
US

  • Monitor security events and provide technical analysis on alerts.
  • Lead information security incidents and employee investigations, developing response strategies.
  • Deliver security guidance and coordinate building services to support security operations.

Samsara is the pioneer of the Connected Operations Cloud, helping organizations that depend on physical operations harness IoT data to improve safety, efficiency, and sustainability. As a recently public company with a culture that encourages rapid career development, they support a flexible, employee-led remote model.

$122,500–$165,000/yr
US

  • Proactively identify and respond to emerging security threats and incidents.
  • Develop detection techniques and manage core security tooling such as SIEM and orchestration platforms.
  • Collaborate across teams to support security projects and participate in on-call rotations.

Circle is a leading internet financial platform company building infrastructure for digital assets, stablecoins, and blockchain. They have a flexible work environment with values of high integrity and multistakeholder collaboration.

US 4w PTO

  • Work cross-functionally to design, build, and operate solutions that automate and improve security capabilities.
  • Lead incident response efforts, analyze security trends, and refine security documentation like policies and standards.
  • Mentor junior engineers and coach team members to drive security outcomes across the organization.

Aledade is a public benefit corporation that empowers independent primary care practices through value-based care, helping them deliver better patient outcomes while thriving financially. Founded in 2014, the company has grown to become the largest network of independent primary care in the US, fostering a collaborative, inclusive, and remote-first culture.

India

  • Monitor, triage, and analyze security alerts and log data across enterprise security platforms, including SIEM and detection technologies.
  • Perform in-depth analysis of exploits, attacker behavior, and anomalous activity across endpoint, identity, network, cloud, and application data sources.
  • Support incident response activities, improve detections, and contribute to information security projects that strengthen overall security posture.

AHEAD builds platforms for digital business by weaving together advances in cloud infrastructure, automation and analytics, and software delivery. The company prioritizes a culture of belonging and is an equal opportunity employer.

$100,000–$165,000/yr
US Unlimited PTO

  • Lead security operations including vulnerability management, incident response, and SIEM platform maturity.
  • Administer Microsoft security tools (Defender, Purview, Entra) and support compliance frameworks like SOC 2 and HITRUST.
  • Drive risk reduction through security awareness, risky user remediation, and cross-functional collaboration.

Sequel develops next-generation drug-delivery advancements, starting with the twiist Automated Insulin Delivery System for diabetes management. It is headquartered in New Hampshire and fosters a culture of hard work, fun, and support.

Netherlands

  • Design, implement, and optimize security monitoring, incident response, and detection capabilities across modern cloud and infrastructure ecosystems.
  • Build and maintain SIEM and log management capabilities, ensuring centralized log collection, normalization, and retention policies.
  • Automate operational security processes such as alert enrichment, incident notifications, and response orchestration.

Jobgether is an AI-powered job matching platform that connects candidates with hiring companies. They operate as a partner company managing applications and next steps, fostering a collaborative, transparent, and innovation-driven culture with a focus on professional growth and well-being.

US

  • Develop new cyber detections for threats using SIEM and other security tooling.
  • Assess software and service requests and deploy solutions to secure infrastructure, data, and people.
  • Respond to security incidents and drive mitigation and remediation efforts.

Stack develops revolutionary AI and autonomous systems for the trucking industry to enhance safety and efficiency. The team has decades of experience deploying real world systems and is committed to building a culture of inclusion and innovation.

$100,000–$160,000/yr
North America

  • Build and lead a high-performing Infrastructure Security team focused on cloud security, SASE, WAF, and edge technologies.
  • Drive security improvements, maintain KPIs on cloud security posture and incident response, and ensure tactical team oversight.
  • Partner with cross-functional teams and assume the role of Incident Manager during cloud or edge security events.

Applied Systems is an insurtech company that delivers innovative software and services to transform the insurance industry. With over 40 years of experience, the company fosters a culture of learning, collaboration, and diversity to empower its employees and customers alike.

US Unlimited PTO 12w maternity 12w paternity

  • Monitor logs, alerts, and telemetry to detect threats across infrastructure and cloud environments.
  • Perform in-depth security analysis and investigations to assess risk and identify root causes.
  • Coordinate and execute incident response efforts including containment, mitigation, and recovery.

Binance.US is a licensed and regulated U.S. crypto platform providing secure access to over 190 cryptocurrencies. As a remote-first team, we innovate to bridge traditional finance and Web3, helping bring financial freedom within reach for all.

Europe

  • Join the security team to build world-class security into products, focusing on operations, monitoring, and incident response.
  • Proactively improve security across codebase, product, cloud, and customer deployments.
  • Work as a generalist covering all facets of security, from application testing to threat modeling.

Sourcegraph builds the world's most powerful code intelligence platform, helping developers and agents navigate complex codebases. They are a globally distributed team backed by a16z, Sequoia, and Redpoint, with a culture of high agency and direct communication.

United States

  • Lead the team responsible for detecting, investigating, responding to, and learning from security events
  • Manage and coach a team of engineers while remaining close to technical work such as detection design, alert tuning, and incident response
  • Manage relationships with security operations vendors and work closely with Security, Engineering, IT, and Compliance to protect patient and provider data

Rula is a remote-first company dedicated to making mental healthcare work for everyone. We believe mental health is as important as physical health and aim to create a world where it is embraced as an integral part of well-being.

$71,640–$124,176/yr
US 4w PTO

  • Perform in-depth analysis, triage, and response to security threats following documented policies and playbooks.
  • Monitor and analyze security events using SIEM, EDR, and assess risk levels of cyber threats.
  • Escalate higher-risk events and collaborate with incident response teams to drive incident handling.

Experian is a global data and technology company that powers opportunities for people and businesses by redefining lending, preventing fraud, and creating digital solutions. With 23,300 employees across 32 countries, the company emphasizes inclusion, work-life balance, and has been recognized as a World's Best Workplace in 2024.

$140,000–$175,000/yr
Global

  • Design, build, and improve automated evidence collection and SOAR playbooks to increase incident investigation speed and consistency.
  • Integrate SIEM, EDR, IAM, and other platforms to enable unified response actions and stronger analyst context.
  • Develop scripts and tooling supporting triage, containment, forensic collection, and operational response workflows.

NBCUniversal is a leading media and entertainment company that creates and distributes world-class content across film, television, and streaming, and operates global theme parks. A subsidiary of Comcast Corporation, it champions an inclusive culture and strives to attract and develop a talented workforce.

$73,000–$80,300/yr
Canada Unlimited PTO

  • Partner with engineering teams to design, build, and operate secure-by-default cloud infrastructure across AWS and Google Cloud.
  • Build reusable Terraform modules and policy-as-code guardrails to make secure implementation easier for engineering teams.
  • Operate CSPM/CNAPP tooling and drive remediation of cloud vulnerabilities and misconfigurations.

Fullscript is a health technology company that provides a platform for practitioners to access clinical insights, lab interpretations, and high-quality supplements, serving over 125,000 practitioners and 10 million patients. The company has a remote-first culture, emphasizes work-life balance, and values inclusivity and continuous learning.

$185,000–$230,000/yr
US Unlimited PTO 13w maternity 12w paternity

  • Lead Flock's Security Incident Response Team (PSIRT) as the single point of accountability for all externally-reported and internally-discovered vulnerabilities.
  • Own the CNA, CVD program, and drive fixes across Hardware, Firmware, SRE, Mobile, ML, Legal, and more.
  • Set SLAs, metrics, playbooks, and public security advisories, reducing risk for devices and customers.

Flock builds technology that reduces crime and protects privacy, partnering with cities, businesses, schools, and neighborhoods. With over $1B in funding and an $8.3B valuation, they are a high-performance team united by urgency, ownership, and a shared commitment to meaningful impact.

Global

  • Lead the Security Operations Team to protect global IT infrastructure, ensuring system confidentiality, integrity, and availability.
  • Oversee incident response, vulnerability management, and continuous security posture improvements across the organization.
  • Collaborate with IT, Engineering, and Compliance teams to embed security into every layer of the business.

Unit4 is a cloud ERP company redefining enterprise resource planning for mid-market people-centric organizations. With over 40 years of heritage, it fosters a people-first culture with a high-performance team and a focus on employee empowerment.

$80,300–$116,800/yr
North America

  • Design, build, and maintain cloud infrastructure across Azure, GCP, and AWS, including landing zones, Kubernetes, and CI/CD pipelines.
  • Implement monitoring, security, and hybrid connectivity for enterprise-scale cloud environments.
  • Collaborate cross-functionally, mentor engineers, and leverage AI tools to accelerate infrastructure development.

Applied is an Insurtech company that builds technology solutions for insurance professionals. With over 40 years of experience, they foster a culture of trust, inclusion, and growth.

$100,000–$125,000/yr
US Unlimited PTO

  • Own the operational health of one or two engineering domains (identity, network, cloud, endpoint, monitoring) and lead cross-team security initiatives.
  • Design security patterns, reference architectures, and standards that the team executes against, ensuring audit-ready documentation.
  • Mentor mid and associate engineers through pairing, code review, and clear standards to elevate team capability.

Aprio is a Top 20 CPA and advisory firm with over 40 U.S. office locations, international offices, and more than 3,200 team members speaking 60+ languages. They provide expertise and strategic foresight for fast-growing industries, fostering a progressive and innovative culture.

Europe

  • Champion and implement security best practices and automated tooling across Spotify's infrastructure and platforms.
  • Partner closely with teams to integrate security throughout the software development lifecycle from design to deployment.
  • Conduct threat modeling, security reviews, and risk assessments for both AI and non-AI systems.

Spotify is the world's most popular audio streaming subscription service, unlocking the potential of human creativity by giving artists the opportunity to live off their art. With over 700 million users, the company values curiosity, collaboration, and a willingness to both teach and learn from others.

Spain 5w PTO

  • Bolster Auctane's global engineering and operations within the Information Security Group, reporting to the CISO.
  • Lead security programs defining technology and processes for cybersecurity, focusing on Enterprise and Cloud Infrastructures.
  • Manage core security operations, incident response, and vulnerability management while promoting security by design.

Auctane provides mailing and shipping software products that enable businesses of all sizes to send billions of items annually, worth over $200 billion, to recipients worldwide. The company, with a family of brands including ShipStation and Stamps.com, values a flat and open engineering culture and emphasizes teamwork, customer delight, and delivering great outcomes.