
Incident Response Security Engineer


European Bank for Reconstruction and Development

Location:
Bulgaria, Sofia

Category:
IT - Administration


Contract Type:
Not provided

Salary:
Not provided

Job Description:

We’re looking for a cloud-smart, threat-driven Cyber Incident Responder who thrives in the heat of real-time defence. In this role, you’ll be on the frontline of protecting our organisation: deploying advanced cloud-centric detections, tuning SIEM/SOAR engines, correlating signals across on-prem, cloud, network and endpoint environments, and turning raw data into actionable intelligence. You’ll work hand-in-hand with threat hunters, intelligence teams and our MSSP to expose malicious activity, contain threats fast and shape the tactics that keep attackers out. If you want to work where cloud, security engineering and high-stakes incident response collide, this is where you’ll make your mark.

You’ll lead the technical charge during active incidents, produce authoritative forensic reports, and continuously evolve our detection and response capabilities using frameworks such as MITRE ATT&CK and NIST CSF. From refining playbooks to strengthening automation pipelines, and from driving DR/BCP readiness to communicating root causes with clarity and impact, you’ll be key to elevating our SOC into a proactive, intelligence-led, cloud-ready defence function. If you’re energised by deep analysis, fast decision-making and staying one step ahead of adversaries, you’ll thrive in this mission-critical role.

Job Responsibility:

  • Deploys cloud-centric detections for threats to the cloud environments and services used by the organisation
  • Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity
  • Reviews alerts and data from sensors, and documents formal, technical incident reports
  • Works with threat intelligence and/or threat-hunting teams
  • Provides network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
  • Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies
  • Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts
  • Correlates network, cloud and endpoint activity across environments to identify attacks and unauthorised use
  • Works with the MSSP to identify events in incidents that may impact the network and co-ordinate with internal incident response teams to manage and resolve incidents
  • Participates in an on-call rota to provide after-hours support for cyber security related incidents
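The correlation duties in the list above (tying cloud, network and endpoint activity together across environments, maintaining SIEM detection content, and framing findings in MITRE ATT&CK terms) are what a detection engineer ends up encoding as rules. The block below is an added illustration of that kind of rule; it is not code from EBRD or from this posting. The event schema and field names, the sample events, the 30-minute window, the per-actor IP baselines and the action-to-technique mapping are all assumptions made for the example.

```python
"""Cross-source correlation sketch for the responsibilities listed above.

Groups cloud audit, network and endpoint events by actor and source IP inside a
sliding window and raises an incident when a login from an unfamiliar IP is
followed by a privilege-changing cloud action. The event schema, field names,
window size, ATT&CK mapping and sample data are all constructed for this example.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Event:
    ts: datetime        # event time (UTC)
    source: str         # "cloud" | "network" | "endpoint"
    actor: str          # cloud principal or local user ("" if unknown)
    action: str         # normalised action name from the SIEM parser
    src_ip: str = ""    # client/source IP, if the sensor recorded one
    host: str = ""      # hostname, if the sensor recorded one


# Cloud control-plane actions that grant or persist access, mapped to ATT&CK
# technique IDs. The IDs are real; which actions map to them is our choice here.
PRIV_ACTIONS = {
    "AttachUserPolicy": "T1098",  # Account Manipulation
    "CreateAccessKey": "T1098",
    "CreateUser": "T1136",        # Create Account
}
WINDOW = timedelta(minutes=30)     # assumed correlation window


@dataclass
class Incident:
    actor: str
    src_ip: str
    techniques: list = field(default_factory=list)
    timeline: list = field(default_factory=list)


def correlate(events, known_ips):
    """Return one Incident per cloud login from an IP outside the actor's baseline
    that is followed, within WINDOW, by a privilege-changing action by the same
    actor. Network/endpoint events carrying the same IP in that window are attached
    as supporting evidence; a lone unfamiliar login is not an incident."""
    events = sorted(events, key=lambda e: e.ts)
    incidents = []
    for i, login in enumerate(events):
        if login.source != "cloud" or login.action != "ConsoleLogin":
            continue
        if login.src_ip in known_ips.get(login.actor, set()):
            continue  # baseline IP for this actor: nothing to correlate
        inc = Incident(login.actor, login.src_ip, ["T1078"], [login])  # Valid Accounts
        for later in events[i + 1:]:
            if later.ts - login.ts > WINDOW:
                break  # events are sorted, so nothing later can be in the window
            same_actor = later.source == "cloud" and later.actor == login.actor
            same_ip = later.source != "cloud" and later.src_ip == login.src_ip
            if same_actor and later.action in PRIV_ACTIONS:
                inc.timeline.append(later)
                tid = PRIV_ACTIONS[later.action]
                if tid not in inc.techniques:
                    inc.techniques.append(tid)
            elif same_ip:
                inc.timeline.append(later)
        if len(inc.techniques) > 1:  # login plus follow-on action: raise it
            incidents.append(inc)
    return incidents


# Constructed sample telemetry (RFC 5737 documentation addresses).
T0 = datetime(2025, 1, 1, 9, 0)
SAMPLE_EVENTS = [
    Event(T0, "cloud", "alice", "ConsoleLogin", src_ip="203.0.113.7"),
    Event(T0 + timedelta(minutes=5), "network", "", "vpn_session", src_ip="203.0.113.7", host="vpn-gw"),
    Event(T0 + timedelta(minutes=8), "cloud", "alice", "CreateAccessKey", src_ip="203.0.113.7"),
    Event(T0 + timedelta(minutes=9), "endpoint", "alice", "process_start", host="ws-14"),
    Event(T0 + timedelta(hours=2), "cloud", "bob", "ConsoleLogin", src_ip="198.51.100.2"),
    Event(T0 + timedelta(hours=2, minutes=1), "cloud", "bob", "AttachUserPolicy", src_ip="198.51.100.2"),
    Event(T0 + timedelta(hours=3), "cloud", "carol", "ConsoleLogin", src_ip="192.0.2.9"),
]
KNOWN_IPS = {"bob": {"198.51.100.2"}, "carol": {"192.0.2.9"}}  # per-actor baselines


def run_sample():
    """Run the sample through the rule; only alice should produce an incident."""
    return correlate(SAMPLE_EVENTS, KNOWN_IPS)


if __name__ == "__main__":
    for inc in run_sample():
        print(f"{inc.actor} from {inc.src_ip}: techniques={inc.techniques}")
        for ev in inc.timeline:
            print(f"  {ev.ts:%H:%M} {ev.source:<8} {ev.action} {ev.host}")
```

Two design points matter in practice. The baseline check is what keeps the rule from firing on every login: bob's policy change from a known IP is ignored, and the same sample with empty baselines raises him as well. And the endpoint event for alice is deliberately not attached, because it carries no source IP the rule could pivot on; whether host-to-user mapping should bridge that gap is the kind of tuning decision the SIEM content owner makes.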

Requirements:

  • Experience with SIEM and SOAR tools
  • Familiarity with incident response frameworks and methodologies, including frameworks like NIST CSF and MITRE ATT&CK
  • Expertise with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and threat intelligence
  • Expertise with developing and implementing incident response plans
  • Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents
  • Ability to perform independent analysis of complex problems and distil relevant findings and root causes
  • Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
  • Familiar with cloud security concepts and best practices, as well as the security features and capabilities of major cloud platforms such as AWS, Azure, and GCP
  • Familiar with security automation tools and techniques, and able to use them to automate security tasks and improve the efficiency of the SOC

What we offer:
  • Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in
  • A working culture that embraces inclusion and celebrates diversity
  • We offer hybrid and flexible working arrangements and believe we operate at our best when collaborating 3 days a week in person (minimum)
  • An environment that places sustainability, equality and digital transformation at the heart of what we do
  • A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits

Additional Information:

Job Posted:
December 25, 2025

Expiration:
January 13, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Incident Response Security Engineer

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location:
Netherlands
Salary:
Not provided
ClickHouse
Expiration Date:
Until further notice
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience; preference for Golang and Python
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location:
United Kingdom
Salary:
Not provided
ClickHouse
Expiration Date:
Until further notice
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience; preference for Golang and Python
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location:
Canada
Salary:
Not provided
ClickHouse
Expiration Date:
Until further notice
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience; preference for Golang and Python
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location:
United States
Salary:
169150.00 - 225000.00 USD / Year
ClickHouse
Expiration Date:
Until further notice
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience; preference for Golang and Python
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Employment Type:
Fulltime

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk
Salary:
Not provided
Atlassian
Expiration Date:
Until further notice
Requirements
  • 3+ years of experience in any security domain: Operations, Incident Response, Detection Engineering, Threat Research, or Engineering
  • Relevant work experience for responding to incidents and conducting investigations
  • Fluency in any modern programming languages (preferably Python, Ruby, Java or Go) or experience scripting to complete security tasks
  • Experience with AWS, GCP, or a similar cloud service platform
  • Self-motivated and results-oriented
  • Experience building and delivering projects from start to finish
  • Passion for collaboration and strong interpersonal skills
  • Specialization in one or more areas: malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Excellent written and verbal communication skills, including the ability to explain technical issues to non-technical stakeholders
Job Responsibility
  • Act as an escalation point for security incidents, collaborating with stakeholders and communicating updates while actively working towards the resolution of incidents
  • Investigate and analyze log data stemming from security events across multiple sources to determine signs of compromise
  • Conduct post-incident reviews to analyze the root cause, assess the response, and recommend improvements
  • Participate in the on-call roster for security incident response
  • Deliver technical solutions to mitigate security incidents and enhance incident response capabilities
  • Advocate for security best practices and secure coding standards across the organization
  • Conduct threat hunts to identify new attack vectors and develop strategies to counteract them
  • Research tools and tactics employed by threat actors
  • Build and maintain tools and systems to automate response processes and improve efficiency
  • Develop and maintain security incident response playbooks and standard operating procedures
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
  • Support for accommodations or adjustments during recruitment process
Employment Type:
Fulltime

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk
Salary:
184500.00 - 246000.00 PLN / Year
Atlassian
Expiration Date:
Until further notice
Requirements
  • Experience: 3+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Technical Skills: Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks; experience with AWS, GCP, or similar cloud platforms
  • Project Management: Experience in building and delivering projects from start to finish
  • Specialization: Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Community Engagement: Contributions to the security community or open source projects
  • Communication: Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution; participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
  • Equity
  • Bonuses
  • Commissions
Employment Type:
Fulltime

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location:
Poland, Gdańsk
Salary:
256000.00 - 342000.00 PLN / Year
Atlassian
Expiration Date:
Until further notice
Requirements
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
Employment Type:
Fulltime

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location:
India, Hyderabad
Salary:
Not provided
Highspot
Expiration Date:
Until further notice
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings, strategic decisions and procedural enhancements in a clear and accessible manner, and significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
Employment Type:
Fulltime