Security Incident Response Engineer - Acrisure LLC
Location: Remote
Category: Software Engineer
Lead rapid detection, investigation, and remediation of security incidents using SIEM, SOC tools, and threat hunting techniques. Leverage Python scripting and AWS security services to automate response workflows and strengthen enterprise defenses.
About the role
Key Responsibilities
- Operate and enhance the Security Operations Center (SOC) to detect, analyze, and respond to security incidents in real time.
- Utilize SIEM platforms (e.g., Splunk, QRadar) to correlate alerts, conduct root‑cause analysis, and produce detailed incident reports.
- Perform threat hunting and proactive vulnerability assessments to identify emerging attack vectors.
- Develop and maintain Python scripts and automation workflows to streamline triage, containment, and remediation processes.
- Collaborate with cloud security teams to investigate incidents on AWS environments, applying IAM, GuardDuty, and CloudTrail insights.
- Document lessons learned, update playbooks, and provide training to internal stakeholders on incident response best practices.
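To make the automation in the responsibilities above concrete, here is an added example of the kind of Python triage script such a role would write over CloudTrail events. It is illustrative code, not Acrisure's own tooling: the watchlist of high-risk IAM and CloudTrail API calls, the denied-call threshold, the MITRE ATT&CK technique mappings and the sample records are all assumptions chosen for the demonstration, and the log data is constructed, not captured from a real account.

```python
"""Triage CloudTrail-style events for an incident responder.

Rules (assumptions for this example, tune per environment):
  * a watchlist of API calls that commonly mean persistence, privilege
    escalation or log tampering, each mapped to the ATT&CK technique an
    analyst would cite in the incident report;
  * any use of the root account;
  * repeated AccessDenied errors from one principal (enumeration).
Findings are sorted by severity and high/critical principals are listed as
containment candidates (e.g. for a disable-access-key playbook step).
"""
import json
from collections import Counter

# Hypothetical watchlist: eventName -> (severity, ATT&CK technique).
HIGH_RISK_EVENTS = {
    "CreateAccessKey":  ("high",     "T1098.001"),  # Additional Cloud Credentials
    "AttachUserPolicy": ("high",     "T1098"),      # Account Manipulation
    "PutUserPolicy":    ("high",     "T1098"),
    "CreateUser":       ("medium",   "T1136.003"),  # Create Account: Cloud Account
    "StopLogging":      ("critical", "T1562.008"),  # Disable or Modify Cloud Logs
    "DeleteTrail":      ("critical", "T1562.008"),
}
DENIED_THRESHOLD = 3  # AccessDenied calls by one principal before flagging discovery
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed sample data in CloudTrail's {"Records": [...]} shape (not real logs).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-05-01T10:00:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateAccessKey", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventTime": "2024-05-01T10:01:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventTime": "2024-05-01T10:02:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"}},
    *[{"eventTime": f"2024-05-01T10:0{i}:30Z", "eventSource": "ec2.amazonaws.com",
       "eventName": "DescribeInstances", "sourceIPAddress": "192.0.2.55",
       "errorCode": "AccessDenied",
       "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"}}
      for i in range(3, 7)],
    {"eventTime": "2024-05-01T10:08:00Z", "eventSource": "sts.amazonaws.com",
     "eventName": "GetCallerIdentity", "sourceIPAddress": "192.0.2.9",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/carol"}},
]})


def principal(event):
    """The IAM principal ARN behind an event, or a placeholder if absent."""
    return event.get("userIdentity", {}).get("arn", "<unknown>")


def finding(event, severity, technique, reason):
    return {"severity": severity, "technique": technique, "event": event.get("eventName"),
            "principal": principal(event), "source_ip": event.get("sourceIPAddress"),
            "time": event.get("eventTime"), "reason": reason}


def triage_event(event):
    """Apply the per-event rules; returns a (possibly empty) list of findings."""
    out = []
    name = event.get("eventName")
    if name in HIGH_RISK_EVENTS:
        sev, technique = HIGH_RISK_EVENTS[name]
        out.append(finding(event, sev, technique, f"high-risk API call {name}"))
    if event.get("userIdentity", {}).get("type") == "Root":
        out.append(finding(event, "high", "T1078.004", f"root account used for {name}"))
    return out


def triage_log(raw_json):
    """Parse a CloudTrail JSON document and return findings, most severe first."""
    records = json.loads(raw_json)["Records"]
    findings, denied = [], Counter()
    for ev in records:
        findings.extend(triage_event(ev))
        if ev.get("errorCode") == "AccessDenied":
            denied[principal(ev)] += 1
    # Aggregate rule: repeated AccessDenied from one principal suggests enumeration.
    for who, n in denied.items():
        if n >= DENIED_THRESHOLD:
            findings.append({"severity": "medium", "technique": "T1580", "event": "AccessDenied",
                             "principal": who, "source_ip": None, "time": None,
                             "reason": f"{n} AccessDenied responses (possible discovery)"})
    findings.sort(key=lambda f: SEVERITY_ORDER[f["severity"]])
    return findings


def containment_candidates(findings):
    """Principals with a critical/high finding: first targets for a containment step."""
    return sorted({f["principal"] for f in findings if f["severity"] in ("critical", "high")})


if __name__ == "__main__":
    results = triage_log(SAMPLE_LOG)
    for f in results:
        print(f"[{f['severity']:>8}] {f['technique']:<10} {f['principal']}: {f['reason']}")
    print("contain:", containment_candidates(results))
```

In a real pipeline the `Records` document would come from the trail's S3 objects or from `boto3`'s CloudTrail `lookup_events`, and GuardDuty findings would be merged in the same way by severity; the point of keeping the rules as plain functions over parsed JSON is that they can be unit-tested offline against captured samples before being wired into a playbook.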
Requirements
- 3+ years of experience in security incident response, SOC operations, or related field.
- Proficiency with SIEM tools (Splunk, QRadar, ArcSight), incident response frameworks, and the MITRE ATT&CK knowledge base for mapping adversary tactics and techniques.
- Hands‑on experience with AWS security services and scripting in Python.
- Strong analytical skills, ability to work under pressure, and excellent communication.
- Relevant certifications (e.g., GCIH, CISSP, or equivalent) preferred.