Posted: Jan 27, 2026
What a day is like:
- Monitor and support alerts from PagerDuty, Splunk, Imperva, PhishER, hCaptcha, JupiterOne and infrastructure running on AWS
- Identify, contain and resolve cyber security incidents
- Identify security flaws and vulnerabilities
- Develop response procedures for security incidents
- Produce detailed incident reports
- Participate in daily stand-up meetings
- Lead research processes and functional IT teams or projects to solve complex issues
- Support information security audits with technical evidence
- Drive tickets in Jira through different phases until reaching closure
- Solve complex problems, taking a broad perspective to identify innovative solutions
- Contribute to departmental business planning and solution design
- Communicate difficult concepts and negotiate with others to conclude on goal-centric points of view
- Interpret challenges and recommend best practices to improve processes
- Provide resolution support to a wide array of issues that are complex in scope
- Use expert-level cyber security knowledge base to complete tasks

You're perfect for this role if you have:
- 8+ years' experience working with systems deployed on AWS
- 6+ years' technical experience in Incident Management for AWS Cloud solutions
- 2+ years' experience with network security, intrusion detection and response, security incident management (SIEM)
- 2+ years' experience using Splunk for Incident Management and processes supported by Identity Management, Phishing handling, On-Call systems, Endpoint Detection and Response, AWS cloud security tools
- Proven experience in:
  - Incident Management (2+ years)
  - Risk Management techniques (2+ years)
  - Vulnerability Management
  - Web Application Firewalls
  - SOAR playbooks and workflows
- Experience as a subject matter expert or stakeholder
- Previously supported information security audits in any of the following frameworks or regulations: PCI DSS, NIST, ISO 27001
- Experience analyzing threats of cloud and application components (such as findings from Security Assessments)
- Intrinsic understanding of software development life cycles
- Excellent oral and written communication skills
- Knowledge of current and emerging security technologies, threats, and techniques for exploiting security vulnerabilities in the code or application
- The ability to work independently, and on a team, requesting guidance in complex situations, when needed
- Capacity to lead functional teams or projects to solve complex problems and deliver solutions

Preferred Qualifications:
- Familiarity with Java (including npm and Maven), Docker & Kubernetes
- Familiarity with some of the following:
  - SAST (Static Application Security Testing)
  - DAST (Dynamic Application Security Testing)
  - SCA (Software Composition Analysis)
  - SBOM (Software Bill of Materials)
  - Image Scanning
  - IaC (Infrastructure as Code)
  - Threat Modeling
  - PenTesting (Web App, Mobile, External)
  - CSA (Cloud Security Assessment)

Academic Background:
- Not required, but typically holds a BSc or MSc college/university degree in Information Security, Cybersecurity, Computer Science or Software Engineering
- Holds at least one of the following Information Security certifications: CCSP, C|EH, OSCP, GCIH, CISSP, CISA, CISM
- Ideally, holds AWS Certified Security certification or a similar certification