Senior Security Engineer, Incident Response - 1password

Key Responsibilities

• Lead and coordinate rapid incident response across cloud and on‑prem environments, ensuring timely containment, eradication, and recovery.
• Design, implement, and maintain SIEM solutions, developing advanced detection rules and automated playbooks.
• Conduct deep forensic investigations, analyzing logs, memory dumps, and network traffic to uncover attack vectors and root causes.
• Collaborate with threat intelligence teams to integrate actionable intel into detection and response workflows.
• Develop and maintain Python scripts and AWS Lambda functions for automation and data enrichment.
• Provide mentorship and guidance to junior security analysts, fostering a culture of continuous improvement.

Requirements

• 5+ years of experience in incident response, threat hunting, or a related security discipline.
• Proficiency with SIEM platforms (e.g., Splunk, SentinelOne, QRadar) and log analysis.
• Hands‑on experience with AWS security services and scripting in Python.
• Strong knowledge of digital forensics, malware analysis, and threat intelligence frameworks.
• Excellent communication skills and ability to translate technical findings to non‑technical stakeholders.