
Job ID: JOB_ID_4250

Job Overview:

The Senior Cybersecurity Incident Response Engineer is responsible for creating, driving, and executing standards, procedures, and processes that manage, mitigate, and reduce the risk of cyberattacks. This role supports global Security Operations through participation in operational activities, security engineering, and development initiatives. The engineer will participate in a 24/7 on-call rotation for alert triage, investigation, and response when required.

Key Responsibilities:

  • Own and drive portions of one or more security functions including: Incident Response, Threat Detection, Offensive Security.
  • Design and implement automation and orchestration solutions to reduce manual operational tasks.
  • Perform high-level intrusion detection and defensive analysis.
  • Drive and support security audit, compliance, and risk-reduction initiatives.
  • Develop, test, and manage offensive and defensive security tools.
  • Provide technical guidance and mentorship to junior team members.
  • Develop and deliver organizational-level security metrics and reports.
  • Define and implement logging requirements to improve threat detection and response capabilities.
  • Lead and deliver team-level security projects aimed at reducing the overall risk or impact of cybersecurity incidents.

Required Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
  • 6+ years of experience in one or more of the following areas: Incident Response, Security Engineering, Security Operations, Offensive Security, Threat Emulation, Penetration Testing.
  • 3+ years of experience building automation or workflows to scale security operations.
  • Experience identifying and addressing telemetry gaps in security monitoring.
  • Experience developing and supporting cybersecurity metrics and operational reporting.
  • Experience leading Purple Team exercises, including threat hunting, telemetry validation, and detection effectiveness testing.
  • Strong ability to lead complex incident investigations and adapt response strategies based on evolving information.
  • Advanced analytical skills to investigate network, host, cloud, and identity platforms.
  • Ability to work independently in a globally distributed environment.
  • Excellent written and verbal communication skills with strong collaboration abilities.
  • Ability to work under tight deadlines and high-pressure environments while balancing multiple priorities.
  • Strong investigative, analytical, and problem-solving skills.
  • Ability to translate business needs into effective security solutions.

Technical Skills:

  • Operating Systems: Windows, Linux, macOS
  • Scripting / Programming: PowerShell, Python, JavaScript, TypeScript
  • Digital Forensics: FTK, EnCase, X-Ways, SIFT
  • Cloud Platforms: AWS (required), Azure or GCP (preferred)
  • Identity & Access Management: Active Directory, Okta, SAML, OAuth, OpenID, JWT
  • Security Platforms: SIEM (Splunk); EDR (CrowdStrike, Microsoft Defender)
  • Infrastructure & Networking: Physical and Virtual Networking technologies, DNS architecture and security, Email security systems
  • Enterprise Platforms: Microsoft 365 ecosystem, Microsoft domain environments, ServiceNow (preferred)

Special Requirements

Visa: H1B Only with PP Number. Requires participation in a 24/7 on-call rotation. Screening steps, interview modes, and domain restrictions not specified.


Compensation & Location

Salary: $75 – $95 per year

Location: Remote


Recruiter / Company – Contact Information

Email: neeraj.mahra@sparinfosys.com

