For People, For Nature, Forever
Cybersecurity Incident Response Engineer
Location
Peru
Posted
21 hours ago
Salary
0
Seniority
Lead
Job Description
World Wildlife Fund
- Leads and supports investigation, containment, and remediation of cybersecurity incidents
- Monitors and responds to security events across multiple environments
- Collects, correlates, and analyzes data from various sources to identify threats
- Performs root cause analysis and documents incidents from detection to review
- Improves detection and response capabilities through playbook development
- Participates in exercises and reviews to strengthen IR capabilities
- Communicates incident details and recommendations to stakeholders
- Stays current on emerging threats and shares knowledge
Job Requirements
- Bachelor's degree in Computer Science or Information Technology
- Bilingual in English and Spanish required
- Minimum of 8+ years experience in Cybersecurity or related field
- Advanced understanding and proficiency with Windows and macOS operating systems
- Experience configuring, deploying, and using multiple security IR solutions such as SIEM, SOAR, playbooks and Endpoint Detection and Response (EDR) tools
- In-depth knowledge of cloud services, third-party risk management, and application security
- Familiarity with regulatory and compliance requirements such as PCI, CCPA, GDPR
- Strong verbal and written communication skills
Benefits
- No relocation assistance
- Paid time off
- Health insurance
More Security Operations Jobs
Cybersecurity Operations Engineer
Swisscom
Top quality | Ground-breaking innovations | Connected to people and the environment
Role Description
You strengthen our Cybersecurity Operations Team, a small, skilled team that develops and runs practical security services for business customers. You work end to end with customers from needs clarification through implementation to operations, with a focus on technical excellence. Together we solve real problems and increase resilience against cyber threats. Our culture values collaboration, technical depth and continuous learning.
- You operate and improve cybersecurity services such as vulnerability management and on‑demand support for customers.
- You run assessments, derive clear actions and implement them pragmatically.
- You analyse and resolve security incidents and vulnerabilities and work closely with customers.
- You automate workflows with Python and work with modern tools such as Microsoft Sentinel and Microsoft Defender.
- You work cross‑functionally, share knowledge in the team and keep an end‑to‑end view of the security process.
Qualifications
- Bachelor or Master (ETH/Uni/FH/HF) in Computer Science or Cyber Security.
- Experience operating cybersecurity services and vulnerability management.
- Strong understanding of incident handling and automation and scripting with Python.
- Experience with Microsoft Sentinel and Microsoft Defender.
- Customer‑focused, pragmatic and goal‑oriented, with enjoyment of direct customer interaction.
- Team‑oriented, communicative and confident.
- Structured, reliable and curious, with initiative for continuous improvement.
- Very good German and English; French is an advantage.
Benefits
- Opportunity to work in one of our offices in Switzerland or in your home office.
- Contact with agile working methods and the latest technologies.
- Flexible working hours to meet your personal needs.
- A pleasant working environment.
- Financial benefits.
- Exciting opportunities for professional development.
Contact Person
Elja Leonetti
HR Talent Attraction & Sourcing Specialist
Your homebase
Swisscom (Schweiz) AG
Genfergasse 14, 3011 Bern
- Administer and operate security tools for which the area is responsible.
- Support deployments, tuning, integrations, updates and patches for security solutions.
- Monitor coverage, operation, availability and effectiveness of technical controls.
- Respond to internal requests related to tools, agents, policies, integrations and troubleshooting.
- Support projects to improve controls, automation and operational standardization.
- Document procedures, configurations, exceptions and operational evidence.
- Interact with vendors, technical teams and security teams to resolve issues.
Security Operations Center Engineer
Builders FirstSource
Builders FirstSource is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status or status as an individual with a disability.
Role Description
Security Engineers support the organization’s cybersecurity posture by monitoring security alerts, investigating potential threats, and assisting in the maintenance and improvement of security tools and processes. This role blends traditional Security Operations Center (SOC) responsibilities with foundational security engineering tasks—ideal for early-career professionals with hands-on technical experience who want to grow into more advanced cyber roles. We’re seeking a hands-on Security Operations Engineer who thrives in a 24x7 environment and can detect, analyze, and respond to cyber threats in real time. This role’s primary focus is SOC monitoring and incident response; the secondary focus includes security engineering work to mature detections, tune tooling, automate workflows, and harden the environment.
Essential Duties and Responsibilities
- Monitor SIEM/XDR/SOAR and other telemetry for alerts, anomalies, and indicators of compromise (IOCs).
- Perform Level 1–2 triage, enrichment, scoping, and prioritization of events.
- Execute response playbooks (isolation, containment, account/device quarantine, EDR actions, network blocks).
- Support incident investigations (forensics acquisition, timeline analysis, root cause).
- Document incidents thoroughly (IR tickets, evidence handling, post-incident reports).
- Maintain shift logs, knowledge base updates, runbooks, and handoffs.
Supervisory Responsibilities
This job has no supervisory responsibilities.
Qualifications
- 2+ years relevant work experience.
- Or an equivalent combination of experience and education.
- Clear written and verbal communication, decision-making under pressure, and strong collaboration across IT and business teams.
- Ability to work independently on shift and drive incidents to closure.
Preferred Qualifications
- Certifications: GCIA, CySA+ (or equivalent experience).
- Experience with SentinelOne, Zscaler ZIA, Google Secops, Azure/M365 security tooling, E-mail security and PAM.
Competencies
- Detection & Response: Rapid triage, scoping, and containment with minimal escalation.
- Analytical Rigor: Able to transform raw telemetry into actionable insights.
- Engineering Mindset: Build/tune detections, automate repetitive work, and improve data quality.
- Risk Orientation: Prioritize actions based on business impact and threat likelihood.
- Documentation: Clear tickets, IR timelines, and post-incident reporting.
BFS Competencies
- Business and Financial Acumen
- Demonstrates functional and/or technical expertise.
- Demonstrates problem solving skills.
- Results Driven
- Holds self and others accountable.
- Communicates and sets clear goals with plans to deliver.
- Manages competing priorities effectively.
- Demonstrates appropriate urgency.
- Drives to exceed expectations in alignment with our BFS SPICE values.
- Embraces and follows best practices.
- Demonstrates self-starter, can-do attitude.
Work Environment / Physical Activity
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Subject to both typical office environment and outside locations with temperature and weather variations.
- Must be able to lift and carry up to 25 pounds.
- Occasional travel may be required.
Benefits
- Medical, dental, vision, and disability insurance plans.
- 401(k) retirement savings plan.
- PTO (including paid sick time).
- 8 paid holidays per year (for salaried and hourly team members).
Senior Manager, SOC Operations
Kaseya
Kaseya® is the leading provider of IT and security management solutions for managed service providers (MSPs) and SMBs.
- Oversee day-to-day operations of a multilocation, global 24/7 SOC monitoring ~3 million endpoints
- Recruit, mentor, and train SOC analysts and team leads
- Identify and implement automation opportunities to reduce manual workload
- Actively assist with and lead threat hunting initiatives
- Evaluate and recommend enhancements to SOC tools, technologies, processes, and workflows
- Serve as a key point of contact for customer escalations
- Manage shift coverage, compliance reporting, and cross-functional collaboration



