
Incident Responder

United Kingdom, London · Job Posted July 04, 2026

Job Description

Wiz is looking for an experienced Incident Responder to join our IR team. The team will support customers in responding to cloud incidents and proactively hunt for undetected threats. We are seeking an adventurous Incident Responder with a strong cloud security foundation who is adaptable, innovative, and eager to collaborate in building something impactful from the ground up!

Job Responsibility

  • Investigate real-world cyber-attacks on customers’ cloud environments and cloud workloads, understanding their root causes and the full scope of compromise, leveraging the Wiz platform
  • Perform proactive threat hunting to identify undetected cyber-attacks and cloud threats within customer environments
  • Collaborate with customer teams during engagements to effectively respond to threats
  • Develop and deliver professional engagement reports, including high-level summaries and deep dives into technical findings
  • Develop and document incident response methodologies, best practices, and standard operating procedures tailored to cloud environments and cloud workloads
  • Collaborate with the threat research and engineering groups to refine and enhance incident response detections, tools, and features, based on real-world investigation experiences

Requirements

  • 5+ years of experience in cyber-security, cyber-incident response, and threat hunting
  • Solid foundation in Cloud Security, with familiarity in cloud services, Kubernetes, cloud architecture, and major providers (AWS, GCP, Azure)
  • In-depth knowledge of OS internals for both Windows and Linux
  • Strong analytical skills with a keen attention to detail
  • Experience with scripting languages and querying languages
  • Excellent communication skills, both verbal and written
  • Passion to solve any problem and to thrive as an independent and innovative Incident Responder


Similar Jobs for Incident Responder (8 matching positions)

Incident Responder

Wiz is looking for an experienced Incident Responder to join our newly establish...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Wiz
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in cyber-security, cyber-incident response, and threat hunting
  • Solid foundation in Cloud Security, with familiarity in cloud services, Kubernetes, cloud architecture, and major providers (AWS, GCP, Azure)
  • In-depth knowledge of OS internals for both Windows and Linux
  • Strong analytical skills with a keen attention to detail
  • Experience with scripting languages and querying languages
  • Excellent communication skills, both verbal and written, in Hebrew and English
  • Passion to solve any problem and to thrive as an independent and innovative Incident Responder
  • Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship
Job Responsibility
  • Investigate real-world cyber-attacks on customers’ cloud environments and cloud workloads, understanding their root causes and the full scope of compromise, leveraging the Wiz platform
  • Perform proactive threat hunting to identify undetected cyber-attacks and cloud threats within customer environments
  • Collaborate with customer teams during engagements to effectively respond to threats
  • Develop and deliver professional engagement reports, including high-level summaries and deep dives into technical findings
  • Develop and document incident response methodologies, best practices, and standard operating procedures tailored to cloud environments and cloud workloads
  • Collaborate with the threat research and engineering groups to refine and enhance incident response detections, tools, and features, based on real-world investigation experiences

Senior Incident Responder (Advanced IR & Forensics)

We are currently seeking a Senior Incident Responder (Advanced IR & Forensics) R...
Location: United States, Plano
Salary: 106000.00 - 142000.00 USD / Year
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in incident response, digital forensics, or threat hunting
  • Proven leadership in handling enterprise-scale or breach-level incidents
  • Experience working with legal, compliance, and external response teams
  • Advanced digital forensics and malware analysis
  • Threat hunting and adversary emulation
  • Detection engineering and playbook development
  • Executive communication and decision support
  • GIAC GCFA
  • GIAC GREM
  • GIAC GNFA
Job Responsibility
  • Lead response for critical incidents including ransomware and APTs
  • Perform advanced disk, memory, and malware forensics
  • Reconstruct full attack lifecycles and assess business impact
  • Drive threat hunting and proactive detection improvements
  • Develop and enhance IR playbooks, detection rules, and response strategies
  • Lead post-incident reviews and continuous improvement initiatives
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short- and long-term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Full-time

Cloud Incident Responder (Vice President)

At Citi, we get to connect millions of people across hundreds of cities and coun...
Location: Singapore, Singapore
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • 6-10 years of relevant experience in Cloud Security and/or Incident Response
  • Demonstrated technical expertise and genuine interest in Cloud security-focused services, tools, technologies and wider ecosystem
  • Hands-on experience with security constructs and incident response within SaaS/PaaS offerings — specifically Snowflake, MongoDB, and M365 Security — including monitoring, threat detection, and response capabilities within these platforms
  • Problem-solving capabilities with a strong understanding of security incident response processes, excellent technical documentation skills, and proven analytical skills to tackle novel, complex security challenges
  • Experience with any log aggregation & analytics tools such as Splunk, Sentinel, Chronicle and understanding of specific logging/auditing features of Snowflake, MongoDB, and M365
  • Security Tooling Experience with Aquasec, Wiz, AppOmni or similar cloud-native security platforms is a strong advantage
  • Ability to operate independently with minimal oversight when dealing with technical analysis
  • Relevant cloud focused certifications and accreditations are preferable, but not mandatory
  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred
Job Responsibility
  • Perform incident response functions including but not limited to: Detailed cloud-focused investigations by analyzing logs from CSPs, Snowflake, MongoDB, and M365 security platforms
  • Orchestrating the execution of automation to gather forensic artifacts (memory, disk, cloud resource configurations) for in-depth analysis
  • Implementing and overseeing cloud-native automation for decisive resource containment actions across compromised environments, including data platforms
  • Conducting advanced host-based and cloud-native analytical functions (digital forensics, metadata analysis) to proactively uncover Indicators of Compromise (IOCs) and Tactics, Techniques and Procedures (TTPs)
  • Ensuring meticulous documentation capturing the Who, What, When, Where, Why and How of each incident, with a focus on actionable insights
  • Architect, refine, and champion cutting-edge incident response playbooks that proactively address emerging threats across cloud, SaaS, PaaS, and M365 ecosystems, driving operational excellence and swift resolution
  • Take ownership for and innovate the development of new automation capabilities and supporting playbooks across assigned cloud and enterprise SaaS/PaaS domains, fostering a culture of continuous improvement
  • Collaborate strategically with application and infrastructure stakeholders to identify key components and information sources — cloud environments, instances, middleware, applications, databases (Snowflake, MongoDB), M365 logs — influencing security architecture decisions
  • Engage with global multidisciplinary groups for triaging, defining scope, and investigating large-scale security incidents impacting diverse cloud and enterprise systems, acting as a central coordinator and trusted advisor to the CISO business function
  • Actively participate in threat modeling of new services and capabilities, readiness exercises such as purple team, tabletops, and CTFs — especially those involving cloud data, Snowflake, MongoDB, and M365 security scenarios — sharing expertise and influencing strategy
  • Full-time

Cybersecurity Incident Responder

We are currently seeking a Cybersecurity Incident Responder to join our team in ...
Location: United States, Fort Bragg
Salary: 90146.00 - 150244.00 USD / Year
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 7 years of professional experience
  • Minimum 4 years of experience in cybersecurity, help desk, system administration, SOC, or IR
  • Minimum 1 year of experience in Incident Response lifecycle (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned)
  • Minimum 1 year of experience in Email phishing investigations
  • Minimum 1 year of experience with one or more: Splunk and Elastic for Cloud, Endpoint Detection & Response (EDR) tools, Antivirus platforms, Vulnerability scanners (ACAS), ServiceNow, Remedy or similar ticketing systems
  • DoD 8570/8140 certification: CompTIA Security+ CE
  • Top Secret Security Clearance, SCI eligible
Job Responsibility
  • Detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents across enterprise, endpoint, network, and cloud environments
  • Conducting investigations and responding to cybersecurity alerts and confirmed incidents across enterprise networks and cloud platforms such as AWS, Microsoft Azure, and Google Cloud
  • Executing containment actions on compromised systems or accounts
  • Supporting eradication and recovery efforts
  • Documenting all response activities through incident closure
  • Analyzing malware infections and responding to indicators of ransomware, trojans, spyware, and unauthorized software
  • Coordinating host containment and remediation actions such as antivirus or EDR scanning, reimaging, and evidence preservation
  • Managing spillage and data-loss events by containing and sanitizing affected systems
  • Coordinating reporting and remediation
  • Supporting insider-threat or data-exfiltration investigations
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short- and long-term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Full-time

Cyber Incident Responder

Accenture’s Security Practice is one of the fastest growing areas of the busines...
Location: Ireland, Dublin
Salary: Not provided
Company: Accenture
Expiration Date: Until further notice
Requirements
  • Manage and support end-to-end incident response investigations with Accenture’s customers
  • Identify and investigate intrusions to determine the cause and extent of the breach, by leveraging EDR, SIEM, and threat intelligence sources
  • Conduct host forensics, log analysis, network forensics, and malware analysis in support of incident response investigations
  • Conduct Threat Hunting across customer’s environments with indicators of compromise, hunting for evidence of suspicious behaviour
  • Conduct incident response within various Cloud platforms
  • Identify attacker tools, tactics, and procedures to develop indicators of compromise for CTI consumption
  • Work on proactive exercising and simulations, such as tabletops and purple teams
  • Work alongside the EMEA team in a follow-the-sun model for large engagements
  • Eligible for on-call responsibilities and meet SLAs for incoming incidents
  • Develop and implement remediation plans in conjunction with incident response
What we offer
  • Comprehensive training covering business, technical and professional skills development
  • Opportunities to hone functional skills and expertise in Cyber Security
  • Integrated career counselling
  • Great opportunities for professional development and rapid advancement
  • Full-time

Red Hat Linux (RHEL) Administrator

Location: United States
Salary: 120000.00 - 130000.00 USD / Year
Company: GlideFast
Expiration Date: Until further notice
Requirements
  • 5+ years of hands-on Linux systems administration experience, with strong production support experience in Red Hat Enterprise Linux environments
  • Experience supporting high-availability, business-critical, or SLA-driven enterprise environments
  • Demonstrated experience with Linux patching, troubleshooting, hardening, performance analysis, incident response, and operational documentation
  • Linux Expertise: Strong command of RHEL administration, package management, systemd, networking, storage, logs, shell scripting, access controls, and troubleshooting
  • Operational Ownership: Ability to move beyond reactive ticket handling and proactively manage platform health, risk, and reliability
  • Incident Management: Ability to respond calmly and effectively during high-priority incidents, establish action plans, and drive issues to resolution
  • Analytical Troubleshooting: Strong problem-solving skills across operating system, virtualization, storage, application, database, and network layers
  • Security Mindset: Practical understanding of Linux hardening, vulnerability remediation, least privilege, audit readiness, and controlled change execution
  • Communication: Clear written and verbal communication with technical teams, service delivery leaders, and customer stakeholders
  • Documentation Discipline: Strong ability to document procedures, root cause analyses, runbooks, maintenance steps, and recurring health checks
Job Responsibility
  • Administer, monitor, and maintain Red Hat Enterprise Linux environments supporting mission-critical enterprise applications
  • Perform system patching, OS upgrades, package management, configuration changes, maintenance windows, and post-change validation
  • Manage user access, sudo privileges, SSH configuration, service accounts, file permissions, and administrative controls in alignment with security and change management practices
  • Maintain core Linux services and system components, including systemd services, logs, cron, networking, firewalls, storage mounts, LVM, and certificate-related support
  • Support backup, restore, and disaster recovery procedures by validating host readiness, service recovery steps, and operational runbooks
  • Monitor system performance, availability, capacity, disk utilization, memory, CPU, I/O, network connectivity, and service health across production and non-production environments
  • Diagnose and resolve Linux, virtualization, storage, networking, application runtime, and middleware issues that affect enterprise application performance
  • Apply security hardening practices for Linux servers, including vulnerability remediation, secure configuration baselines, access controls, and audit support
  • Troubleshoot Java/Tomcat or similar enterprise application runtime dependencies from the operating system layer as needed
  • Partner with database, application, monitoring, and customer infrastructure teams to resolve cross-platform performance or availability issues
What we offer
  • Medical
  • Dental
  • Vision
  • Life insurance
  • Discretionary bonuses
  • Full-time

MySQL/MariaDB Database Administrator

We are seeking an experienced MySQL/MariaDB Database Administrator to join our M...
Location: United States
Salary: 120000.00 - 130000.00 USD / Year
Company: GlideFast
Expiration Date: Until further notice
Requirements
  • Strong command of MySQL/MariaDB administration, replication, query tuning, indexes, stored procedures, logs, and configuration management
  • Ability to move beyond reactive ticket handling and proactively manage platform health, risk, and reliability
  • Ability to respond calmly and effectively during high-priority incidents, establish action plans, and drive issues to resolution
  • Strong problem-solving skills across database, operating system, storage, application, and network layers
  • Clear written and verbal communication with technical teams, service delivery leaders, and customer stakeholders
  • Strong ability to document procedures, root cause analyses, runbooks, maintenance steps, and recurring health checks
  • MySQL and MariaDB database platforms, including replication and high-availability operational patterns
  • Linux/RHEL command-line administration sufficient to support database operations, log analysis, and system-level troubleshooting
  • Monitoring and observability tools for database, operating system, application, and availability metrics
  • Backup, restore, and disaster recovery tooling and procedures
Job Responsibility
  • Administer, monitor, and maintain MySQL and MariaDB database environments supporting mission-critical enterprise applications
  • Manage database availability, performance, security, capacity, replication, and recoverability across production and non-production environments
  • Perform database patching, version upgrades, configuration tuning, maintenance windows, and post-change validation
  • Support backup, restore, and disaster recovery procedures, including periodic testing and documentation of recovery steps
  • Maintain database user access, privileges, service accounts, and administrative controls in alignment with security and change management practices
  • Monitor and troubleshoot MariaDB replication topology, replication lag, failover readiness, and data consistency issues
  • Diagnose and resolve database performance issues using query analysis, indexing, execution plans, connection/session analysis, slow query logs, and resource utilization metrics
  • Proactively identify database bottlenecks, poorly performing jobs, storage constraints, and configuration risks before they impact availability
  • Partner with Linux, application, middleware, and monitoring teams to resolve cross-platform performance issues
  • Contribute to database modernization planning, including potential future migrations or platform changes
What we offer
  • Medical, dental, vision, and life insurance in addition to discretionary bonuses
  • Full-time

Networking Managed Services Engineer (L3)

As a Networking Managed Services Engineer (L3) at NTT DATA, you will lead in pro...
Location: Singapore, Singapore
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Proficiency in Pulse Secure SSL VPN, Virtual Juniper, Palo Alto, Fortinet Firewalls, Cisco Nexus switches, ASR and ISR routers, Cisco ACS, ISE, Meraki switches and access points, enterprise network architecture, routing protocols (BGP, OSPF, EIGRP), network address translation, and troubleshooting uplinks to ISPs for DIA, MPLS, and P2P circuits
  • Advanced certifications in at least one or two of the above-mentioned technologies
  • Excellent planning and project management abilities, taking changing circumstances into account
  • Strong communication skills, with the ability to work across different cultures and social groups
  • Effective active listening skills
  • A client-focused approach, prioritizing their requirements and creating positive experiences
  • Adaptability to changing circumstances and the ability to work diligently when necessary
  • A positive outlook and the ability to work well under pressure
  • A bachelor's degree in IT/Computing or equivalent work experience
Job Responsibility
  • Lead in providing exceptional managed services to our clients
  • Proactively identify and resolve technical incidents and problems
  • Ensure our clients meet all service level agreement (SLA) conditions
  • Identify root cause of critical incidents and implement solutions for problems identified
  • Manage high-complexity tickets, conduct thorough analyses, and provide resolutions to a variety of complex issues
  • Coach and mentor junior team members
  • Create knowledge articles for frequent tasks/issues and train junior team members
  • Provide inputs to automation teams to reduce manual efforts
  • Ensure clients' infrastructure is configured, installed, tested, and operational
  • Perform necessary checks and employ monitoring tools to respond to alerts
  • Full-time