Senior Security Engineer

Overview

IAC is seeking a highly skilled Senior Security Engineer with a primary focus on Incident Response (IR) and a foundational understanding of Red Teaming/Penetration Testing (Pentest) techniques. The ideal candidate will be a critical member of our SOC team, responsible for the detection, analysis, containment, and remediation of cyber threats, while also supporting proactive threat simulation and vulnerability assessments.

You will actively participate in the full lifecycle of incident response, leveraging tools and frameworks to investigate suspicious activity, analyze adversary behavior, and implement protective measures. You will also assist in red team/pentest operations by applying knowledge of offensive tactics and security assessments to strengthen defenses and improve incident detection capabilities.

Key Responsibilities

• Lead and support the investigation of security events, incidents, and potential intrusions.
• Perform root cause analysis and impact assessment for security incidents.
• Use SOAR platforms (e.g., Tines, Splunk SOAR, XSOAR) for automated response and case management.
• Operate SIEM systems (e.g., Splunk, Elastic, Sumo Logic, Exabeam) to detect, track, and analyze threats.
• Employ Endpoint Detection and Response (EDR) solutions such as CrowdStrike, Sentinel One, MDE, and others to investigate endpoint-based attacks.
• Support Red Team/Pentest initiatives by analyzing TTPs and integrating learnings into blue team processes.
• Contribute to detection engineering by correlating threat actor IOCs with telemetry sources.
• Interpret and integrate Cyber Threat Intelligence (CTI) into incident analysis workflows.
• Apply knowledge of MITRE ATT&CK and D3FEND frameworks to map adversary behavior and improve detection strategies.
• Provide input on the development and refinement of incident response playbooks and runbooks.
• Assist with malware analysis and reverse engineering to support threat identification.
• Collaborate cross-functionally with cloud security, threat intelligence, and vulnerability management teams.

Qualifications

• Bachelor’s degree and minimum of 2 years of relevant experience in information security.
• Demonstrated hands-on experience in the Incident Response lifecycle, including detection, containment, eradication, and recovery.
• At least one of the following certifications (required prior to start): CCSP, CISSP, SSCP, CySA+, Pentest+ , Security+.
• Experience with SOAR and SIEM technologies as mentioned above.
• Familiarity with EDR platforms and security telemetry analysis.
• Knowledge of cloud security monitoring and IR in hybrid/multi-cloud environments.
• Understanding of Indicators of Compromise (IOCs), APT behavior, and threat actor profiles.
• Ability to interpret cyber threat intelligence reports and map techniques using the MITRE framework.
• Familiarity with malware behavior and basic analysis techniques.
• Exposure to or interest in penetration testing and red team tactics is a strong plus.

Salary range: $160,000 – $190,000

The base salary range above represents the anticipated low and high end of the salary range for this position. Actual salaries may vary and may be above or below the range based on various factors including but not limited to work location, experience, and performance. The range listed is just one component of IAC’s total compensation package for employees. Other rewards may include annual bonuses, and short- and long-term incentives. In addition, IAC provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a generous 401K employer matching program, paid holidays, and paid time off (PTO).