Position Summary

The Engineer II, Cyber Incident Response, is a mid-level technical role within the Security Operations Center (SOC) responsible for detecting, investigating, and responding to cybersecurity incidents. This role performs in-depth analysis of alerts, escalates complex cases, and contributes to the improvement of response processes and playbooks. The Engineer II will collaborate with global cyber defense teams to contain threats, minimize business impact, and strengthen detection capabilities. This position requires strong analytical skills, hands-on technical expertise, and the ability to operate effectively in a fast-paced environment.

Primary Duties and Responsibilities 

• Investigate and respond to cybersecurity incidents, including phishing, malware, ransomware, and unauthorized access attempts. 

• Perform analysis of logs, alerts, and forensic data to determine the scope and impact of incidents. 

• Escalate complex or high-severity incidents to Engineer III, Lead, or Principal staff, providing clear documentation and evidence. 

• Assist in containment, eradication, and recovery activities during incident response. 

• Contribute to the development and maintenance of SOC playbooks, runbooks, and standard operating procedures. 

• Collaborate with threat intelligence, vulnerability management, and forensics teams to strengthen detection and response strategies. 

• Participate in lessons-learned sessions and recommend improvements to SOC processes and tooling. 

• Support junior analysts (Engineer I) by sharing knowledge and providing guidance on investigative techniques. 

Education and Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, orequivalent work experience.

• Strong knowledge of cybersecurity fundamentals, incident response methodology, and adversary tactics.

• Familiarity with industry frameworks such as NIST, MITRE ATT&CK, and ISO 27035.

Preferred Certifications 

• GIAC Certified Incident Handler (GCIH)

• GIAC Certified Intrusion Analyst (GCIA)

• CompTIA Security+ orCySA+

• Certified Ethical Hacker (CEH)

Work Experience 

• 3–5 years of progressive experience in cybersecurity, with at least 2 years in SOC operations or incident response. 

• Hands-on experience with SIEM, EDR, and forensic tools (e.g., Splunk, CrowdStrike, Wireshark). 

• Demonstrated ability to analyze logs, alerts, and artifacts to support incident investigations. 

• Strong written and verbal communication skills for documenting findings and briefing stakeholders. 

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit