Job Description

MUST HAVES

• Azure and/or AWS
• Cloud Incident Response

Role Overview

The Information Security Engineer II – Cloud Incident Responder tackles moderately complex security engineering challenges within their domain. They maintain and enhance existing security controls while actively participating in the design and development of new solutions. They proactively identify and address vulnerabilities or deficiencies within their domain, develop and implement robust controls to mitigate these risks, create detailed documentation, and implement mechanisms to ensure the effectiveness of solutions.

The Engineer II – Cloud Incident Responder will focus on building and operationalizing cloud-specific incident response processes, playbooks, and procedures across Azure, AWS, and GCP environments. This role requires strong technical expertise in cloud security and incident response, and will be instrumental in improving MGB’s ability to detect, respond to, and recover from cloud-based threats.

The Engineer II – Cloud Incident Responder is expected to work independently on moderately complex problems within their domain and provide guidance to junior team members to support their development. They will regularly engage with external stakeholders and partners to support the development of effective solutions.

Responsibilities

• Takes ownership of specific modules or components within projects or tools, from design to implementation.
• Reviews and provides constructive feedback on build/code contributions from team members.
• Participates in architectural discussions and contributes to the design of complex solutions.
• Proactively identifies and optimizes improvement in existing processes.
• Mentors junior team members, sharing knowledge and best practices.
• Cross-Functional collaboration with other teams to ensure successful solution delivery.
• Designs and maintains cloud incident response playbooks tailored to Azure, AWS, and GCP environments.
• Develops and documents cloud-specific IR procedures, including detection, triage, containment, eradication, and recovery workflows.
• Collaborates with cloud engineering, SOC, and threat intelligence teams to ensure alignment of IR capabilities with cloud architecture and threat landscape.
• Participates in tabletop exercises and simulations to validate cloud IR readiness and improve response capabilities.
• Implements automation and orchestration for cloud incident response using native and third-party tools.

Qualifications

• Bachelor’s or Associate’s Degree or requisite experience
• 3+ years of relevant experience
• Experience in cloud security and incident response across Azure, AWS, and GCP
• Certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or Google Professional Cloud Security Engineer are preferred

Skills / Abilities / Competencies

• Strong understanding of cybersecurity concepts within their domain
• High proficiency with the tools and solutions supported by the team
• Solid understanding of system architecture and design
• Strong problem solving skills and analytical thinking to identify solutions to complex problems, and to optimize existing solutions
• Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part
• Excellent communication and teamwork skills to share knowledge, present ideas, and lead discussions
• Proficiency in cloud-native security tools such as AWS GuardDuty, Azure Sentinel, and GCP Security Command Center
• Experience with SIEM, SOAR, and EDR platforms in cloud environments
• Ability to analyze cloud logs and telemetry for threat detection and investigation
• Strong understanding of cloud architecture, IAM, and network security principles

Job Tags

Similar Jobs