Senior Incident Response Engineer

Position Overview: Praetorian is seeking an experienced cybersecurity professional to join our growing incident response and threat hunting team. This is a customer-facing position that is responsible for leading high-stress engagements from crisis to resolution. In addition, you'll work directly with customers to help them improve their detection capabilities and build out incident response plans. As a senior member of the team, you will help influence the direction of the practice and mentor new team members.

To learn more about Praetorian, visit: https://www.praetorian.com/careers

Career opportunity:
  • Join an industry with massive social, economic, and political importance in the 21st century
  • Work alongside some of the best and the brightest minds in the security industry
  • Work with prominent clients and help them solve hard security problems
  • Leave an indelible mark on a company where individual input has real impact
  • Align your career trajectory with a hyper-growth company that is on the move

Core responsibilities:
  • Lead incident response investigations and threat hunting engagements
  • Develop plans to identify, investigate, contain, and eradicate threats from customer environments
  • Clearly communicate risks, priorities, findings, and recommendations to customers
  • Conduct host, network, log, and malware analysis and forensics to answer key investigative questions
  • Help improve customer detection by raising alerting fidelity through enhanced telemetry and analysis
  • Develop scripts, tools, and methodologies to improve and automate processes
  • Implement remediation plans in response to incidents
  • Travel is required when needed but is typically less than 20%

Required qualifications:
  • Strong technical and investigative understanding of the incident response process
  • Well versed in modern malicious techniques, including the strengths and limitations of MITRE ATT&CK™
  • Well versed in modern detection and response tools and digital forensics
  • 3+ years of incident response experience
  • 7+ years of cyber security experience

Desired qualifications:
  • Prior security consulting experience, or internal experience in two or more organizations
  • An opinion on the state of defensive cybersecurity, threat hunting, and incident response
  • Experience with various Security Orchestration, Automation, and Response (SOAR) platforms
  • GIAC Certified Forensic Analyst (GCFA) and/or GIAC Certified Forensic Examiner (GCFE) a plus
  • BS in computer science, engineering, or management information systems

Compensation package includes:
  • Highly competitive salary
  • Annual performance-based incentive compensation
  • Employee stock option plan
  • $5,000 annual budget for training, certifications, and conferences
  • 73% company coverage on health insurance premium
  • 4% company 401K matching vested immediately 
  • No formal vacation policy with flexible hours and working environment


About Praetorian: From software hacking to hardware hacking, we help secure everything from cryptocurrency exchanges and space telescopes to autonomous vehicles and the electric grid. As an Inc. Best Places to Work, Inc. 500 | 5000, CyberSecurity 500, and Austin Fast 50 Award recipient, we are seeking an individual who understands the professional and personal growth attached to this opportunity and who has the corresponding internal drive to maximize it. You will have the opportunity to work with some of the best security engineers in the world who hail from organizations such as Amazon, CIA, Facebook, Google, McAfee, Microsoft, NSA, Red Hat, Sun Microsystems, and Symantec.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
