Sr. Engineer, Cybersecurity - Threat Response
$103,400–$186,400 year
On-site · Bellevue, Washington, United States or Overland Park, Kansas, United States
Job Summary
Senior cybersecurity engineer focused on threat response and incident management. Responsible for analyzing security alerts and threat intelligence to identify risks, leading and supporting incident response activities, serving as Incident Commander to coordinate multi-functional responses, and developing procedures to reduce organizational risk. Collaborates with network, cloud, infrastructure, and application teams to investigate security incidents, documents findings and lessons learned, and drives remediation. Partners with leadership to communicate status and recommendations, contributes to ongoing improvements through automation and process enhancements, and participates in on-call rotations. Requires a Bachelor's degree in Computer Science or Information Technology (or advanced degree) with 5+ years (or 3+ years with advanced degree) of related experience. Proficiency in MITRE ATT&CK, NIST/SANS frameworks, SOAR, SIEM/EDR/IDS, digital forensics tools, and knowledge of telecommunications environments. Prior experience as an Incident Commander or similar coordination role is preferred.
Required Qualifications
- Bachelor's degree in Computer Science or Information Technology (required)
- 5 years of related work experience or advanced degree with 3 years related experience
- 4-7 years experience with security related software and/or business process design
- 4-7 years experience in technical project management and leading multi-functional solution design teams
- 4-7 years experience in network information security, including firewall policy design, SSL certificate management, and vulnerability analysis and mitigation
- Experience supporting cybersecurity operations, security investigations, or incident response activities
- Experience with enterprise security technologies and security monitoring platforms
- Knowledge of MITRE ATT&CK, Cyber Kill Chain, and NIST/SANS Incident Handling frameworks
- Experience with SOAR platforms and security automation development
- Knowledge of cloud security and enterprise-scale environments
- Experience with SIEM, IDS/IPS, EDR, and security monitoring technologies
- Strong analytical, troubleshooting, and problem-solving skills
- Ability to communicate technical findings to both technical and non-technical audiences
- Licenses and Certifications (preferred) CISSP, CISM, CRISC, CCSP, CCSK, CISA, GCIH, GCFA, GCFE, GNFA, GCIA, GREM
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.