CrawlJobs Logo
ClickHouse Logo ClickHouse · IT - Administration

Incident Response Security Engineer

United Kingdom · Job Posted December 07, 2025
Apply Position
Job Link Share

Job Description

The Security Team is responsible for providing key security capabilities covering application, cloud and enterprise security, incident response, detection and GRC. Our team is looking for an experienced, hands-on security practitioner, who will drive the adoption of modern security processes and tooling, with focus on supporting our detection and incident response capabilities.

Job Responsibility

  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services

Requirements

  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python

Nice to have

  • BS, MS, or PhD in Computer Science or related field
  • Previous contributions to open source projects
  • Security or cloud related certifications (AWS, GCP, Azure)

What we offer

  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
ClickHouse - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Incident Response Security Engineer

8 matching positions

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
United States
Salary
Salary:
169150.00 - 225000.00 USD / Year
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
  • Fulltime
Read More
Arrow Right

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
Canada
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
Netherlands
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Senior Security Engineer - Security Incident Response

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • equivalent experience
  • Active U.S. Government Secret Security Clearance
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • U.S. citizenship verification
Job Responsibility
Job Responsibility
  • Coordinate with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services
  • Conduct hands-on mitigation where possible
  • engages service owners when there is a risk of a production outage
  • Maintain hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams
  • Brief executive stakeholders on eviction plans and associated status
  • Maintain and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform
  • operationalize as they are delivered
  • Drive strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)
  • Participate in an on-call rotation
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Security Incident Response

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Multiple Locations
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • equivalent experience
  • Active U.S. Government Secret Security Clearance
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Coordinates with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services
  • Conducts hands-on mitigation where possible
  • engages service owners when there is a risk of a production outage
  • Maintains hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams
  • Briefs executive stakeholders on eviction plans and associated status
  • Maintains and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform
  • operationalize as they are delivered
  • Drives strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features)
  • Participates in an on-call rotation
  • Fulltime
Read More
Arrow Right

Senior Security Incident Response Engineer

We are a global team of innovators and pioneers dedicated to shaping the future ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
newrelic.com Logo
New Relic
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Willingness to work in rotational shifts including Morning, Evening and Night shifts
  • Willingness to work in weekend shifts and support on call
  • At least five years of recent experience working in a threat hunting, threat intelligence, incident response, or security engineering role
  • Experience configuring security incident and event management tools, including creating event filtering, correlation rules, and reports
  • Strong understanding of the MITRE ATT&CK Framework
  • Experience performing risk assessment, threat tracking, or vulnerability management and success in evaluating and communicating severity, impact, and likelihood of a risk to a wide audience
  • Familiarity with digital forensic tools and techniques for hands-on response during incidents
Job Responsibility
Job Responsibility
  • Support and maintain response strategy and tooling to severe incidents and key attack scenarios
  • Support the SoC alert life cycle: triage security risk, investigate alerts, develop runbooks, policies and procedures to help the company respond, and run retrospectives to coordinate effort across the company to prevent future incidents
  • Maintain healthy working relationships with our managed security service providers and respond to incident escalations
  • Maintain coordination and communication streams horizontally and vertically as part of major cyber related incident handling
  • Know the latest APT tactics and techniques and use engineering practices to detect and respond
  • Provide technical expertise to engineering teams on standard methodologies, tools and frameworks
  • Work with product managers, senior management, and end users to drive security maturity across the business
Read More
Arrow Right

Senior Security Engineer - Incident Response

Mozilla is looking for an Incident Responder to monitor and mitigate attacks acr...
Location
Location
Germany
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred
  • Expertise with endpoint detection and investigation. Hands-on experience with leading EDR tools and demonstrated ability to leverage endpoint telemetry to find root cause
  • Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR
  • Superb communication and leadership capacity
  • ability to partner effectively with diverse company stakeholders
  • Real-world experience in software development and/or engineering operations for consumer products and services
  • B.S. in a technology-focused field is helpful
  • Practical experience working with cloud technologies (eg. Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.)
  • Ownership and Accountability
Job Responsibility
Job Responsibility
  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities
  • Participate in on-call rotation
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Security Incident Response GTM

Microsoft Security Incident Response (DART Team) is looking for a Security Resea...
Location
Location
United States , Multiple Locations
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • equivalent experience
  • 5+ years in cyber security incident response working directly with customers on cyber incident remediation including investigation, remediation, eviction, and improvement
  • 5+ years in IP dev around cyber security deliveries focused on proactive resilience improvement
  • 5+ years in customer and enterprise cyber security GTM and field training and readiness
Job Responsibility
Job Responsibility
  • Develop proactive cyber‑resilience capabilities by building and enhancing a portfolio of incident response offerings, including cyber ranges, threat assessments, and compromise assessments
  • Drive Red Team and OT/ICS-aligned research initiatives, developing methodology and novel approaches that strengthen detection, response, and adversary‑simulation effectiveness
  • Create customer‑ and field‑ready technical content that articulates the value, methodologies, and expected outcomes of proactive incident response services to support sales, marketing, and field readiness
  • Collaborate across MCAPS field, Marketing, and Security organizations to align messaging, improve delivery quality, and land proactive incident‑response services at scale
  • Establish and maintain strategic partnerships with leading OT/ICS security firms to expand DART’s operational capabilities
  • Build and manage relationships with Red Team partners to augment offensive security capacity, methodologies, and specialized delivery scenarios
  • Embody our culture and values
  • Fulltime
Read More
Arrow Right