Job Description

I have a full time opportunity for an enterprise organization for a CSIRT Engineer to join the team. This is a 70,000+ person organization with a lot of room for growth. It reports directly into the Monitoring & Cyber Response Manager.

It is 4 days onsite, 1 day remote in the Austin TX office.

Salary $170-$205k + bonus

Responsibilities:

• Monitor and analyze security alerts from SIEM, EDR, and other security platforms to identify potential threats.
• Perform in-depth investigation of suspicious activity, correlating data across multiple sources to determine scope and impact.
• Lead the resolution of low to moderately complex security incidents, including containment, eradication, and recovery actions.
• Support containment and remediation efforts during active incidents.
• Conduct initial root cause analysis and contribute to post-incident reviews to identify gaps and improve future response efforts.
• Leverage threat intelligence, behavioral analytics, and contextual data to enhance detection, investigation, and resolution capabilities.
• Collaborate with detection engineering teams to develop, test, and tune detection rules and use cases.
• Perform basic malware analysis, log correlation, and network traffic inspection to support incident resolution.
• Maintain up-to-date knowledge of the threat landscape, including attacker tactics, techniques, and procedures (TTPs), and apply this knowledge to improve incident handling.
• Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate incident resolution efforts.
• Document investigation steps, findings, and resolution actions in a clear, structured, and timely manner.
• Participate in SOC shift rotations to ensure 24/7 monitoring and rapid response to security events.
• Contribute to the continuous improvement of SOC processes, playbooks, and knowledge base, with a focus on enhancing incident resolution workflows

Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start)
• Solid experience in a SOC or cybersecurity operations
• Effective communicator with the ability to document investigations and collaborate with cross-functional teams
• Certifications such as CompTIA Security+, CySA+, or GCIH
• Proficiency in analyzing alerts from SIEM, EDR, and network monitoring tools
• Familiarity with threat intelligence, basic malware analysis, and log correlation techniques
• Understanding of common attack vectors, threat actor behaviors, and frameworks like MITRE ATT&CK
• Strong analytical and problem-solving skills with attention to detail
• Experienced in triaging and investigating security alerts across SIEM, EDR, and network platforms • Skilled in correlating data from multiple sources to identify and escalate confirmed threats
• Proficient in supporting incident response efforts and conducting initial root cause analysis
• Strong understanding of threat intelligence and its application in operational workflows
• Effective communicator with the ability to document investigations clearly and collaborate across teams
• Committed to continuous learning and development in threat detection and response
• Analytical thinker with a proactive approach to identifying and mitigating risks
• Reliable team player in a 24/7 SOC environment, contributing to operational excellence

Lori Sklarski

Senior Technical Recruiter, PRI Technology

Lori.sklarski@pritechnology.com

Direct:(973)-354-2797

Office: 973.732.5454 x27

Cell: 973.432.9968

Job Tags

Similar Jobs