Incident Response Engineer – Cyber Defense

Posted · Add Comment
Career Techniques Inc
Published
July 9, 2026
Location
Dallas, TX - Hybrid - 3 days/week in-office
Category
 
Job Type

Description

About the Role

This role is responsible for the end-to-end execution of the Incident Response lifecycle, leveraging AI-assisted tools, automation, and threat intelligence to accelerate detection, triage, investigation, and containment.

You will operate as both a hands-on technical responder and incident leader, driving rapid mitigation actions while improving detection fidelity, response speed, and operational efficiency.

Responsibilities Include, but Are Not Limited to:

  • Act as Incident Commander for high-impact security incidents, coordinating cross-functional response efforts and driving containment, eradication, and recovery actions
  • Execute the full Incident Response lifecycle (detect, triage, investigate, contain, remediate, recover) with a focus on reducing time-to-detect and time-to-contain
  • Leverage frameworks such as MITRE ATT&CK and the Cyber Kill Chain to guide investigations and response strategies
  • Lead real-time decision-making during active incidents, ensuring business risk is clearly understood and mitigated
  • Utilize AI-assisted platforms to pre-triage alerts, enrich incidents, and prioritize high-risk activity in the response queue
  • Drive the adoption of AI-based correlation and context aggregation across SIEM/XDR, case management, and threat intelligence sources
  • Conduct deep-dive investigations across endpoint, identity, email, network, and cloud environments
  • Perform host forensics, log analysis, and malware triage to determine scope, impact, and persistence mechanisms
  • Drive operational efficiency by reducing manual touchpoints and enabling automated containment and remediation actions
  • Provide technical leadership and mentorship to junior and mid-level analysts, elevating team capability and consistency
  • Collaborate with IT, Engineering, Legal, HR, and business stakeholders during investigations and incident response activities
  • Serve as a key contributor across multiple concurrent initiatives, including tool enablement, process improvement, and security strategy
  • Deliver clear, concise, and executive-ready incident reports, including impact assessments and recommended actions
  • Conduct post-incident reviews and root cause analysis, driving improvements to detection, response, and prevention controls

Requirements and Qualifications

  • 6+ years of hands-on experience in Cybersecurity Operations / Incident Response
  • Strong experience within Microsoft Security Ecosystem
  • Proven experience investigating incidents across cloud (Azure/AWS), identity, endpoint, and email platforms
  • Demonstrated experience integrating or leveraging AI/automation in security operations (e.g., security copilots, ML-based detections, automated triage)
  • Strong proficiency in KQL (Kusto Query Language) for threat hunting and investigation
  • Strong analytical and critical thinking skills with the ability to operate under pressure
  • Excellent written and verbal communication skills, including executive-level reporting
  • Ability to lead incidents, influence stakeholders, and drive rapid decision-making
  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
  • Certified in one or more of the following: CISSP, CISM, CISA,SANS GIAC Security Certifications.
  • Max. file size: 100 MB.
  • Please complete the math question to prove you are human.

Related Jobs

Solutions Architect   Dallas, TX - Hybrid - 3 days/week in-office
June 24, 2026
Senior Azure Cloud Engineer   Dallas, TX - Hybrid - 3 days/week in-office
June 10, 2026
Manager of Network and Infrastructure Security   Dallas, TX - Hybrid - 3 days/week in-office
June 1, 2026
Director of Incident Response   Dallas, TX - Hybrid - 3 days/week in-office
June 1, 2026
Network Security Engineer   Dallas, TX - Hybrid - 3 days/week in-office
June 1, 2026