Incident Response Security Engineer
Remote · London, England, United Kingdom or Spain
Job Summary
Incident Response-focused Security Engineer role within Prima's Security Team. Automate security alert triage and Incident Response playbooks; strengthen EDR/XDR and DLP configurations; define new automatic detections of security events in our SIEM; improve automatic enrichment and integration with SIEM/SOAR; define runbooks to be used during Incident Response; collaborate on all Security Engineering activities. Location-agnostic remote work is supported, with options for Italy, Spain, or the UK, including full remote and up to 30 days of anywhere work. Requirements include hands-on experience with SIEM/SOAR, CrowdStrike or similar EDR/XDR, cloud knowledge (AWS or equivalent), scripting/programming (Python, Rust), on-call availability, and strong English communication. Nice-to-have items include CI/CD with Infrastructure as Code, Cloud Control Frameworks knowledge, web/mobile security, relevant certifications (GCIH, CIH, GREM, OSCP), and security research/CTFs.
Required Qualifications
- Hands-on experience with SIEM and SOAR platforms
- Hands-on experience with CrowdStrike or similar EDR/XDR solutions
- Knowledge of AWS or similar cloud providers
- Proficiency in scripting and programming languages (e.g., Python, Rust)
- Availability for on-call shifts to guarantee 24x7 security support
- Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams