Security Incident Response Engineer

We are a global team of innovators and pioneers dedicated to shaping the future of observability. At New Relic we build an intelligent platform that empowers companies to thrive in an AI-first world by giving them unparalleled insight into their complex systems. As we continue to expand our global footprint were looking for passionate people to join our mission. If youre ready to help the worlds best companies optimize their digital applications we invite you to explore a career with us!

Your opportunity

New Relics Information Security Team is searching for a Security Incident Response Engineer! If you enjoy a work environment where youre part of a successful distributed team that collaborates to achieve successful outcomes we would love to talk to you! In this role you will use your background and deep understanding of how attackers gain access to systems and apply it to respond to cyber security incidents covering all phases including identification containment and eradication.

As an engineer of our growing Security Response team you will collaborate with teams throughout the organization providing security insight mitigation strategies and preventive measures from detections. You will help develop our security program through collaboration investigation documentation and engineering practices.

What youll do

• Support and maintain response strategy and tooling to serve incidents and key attack scenarios.
• Support the SOC alert lifecycle: triage security risk investigate alerts develop runbooks policies and procedures to help the company respond and run retrospectives to coordinate effort across the company to prevent future incidents.
• Maintain healthy working relationships with our managed security service providers and respond to incident escalations.
• Maintain coordination and communication streams horizontally and vertically as part of major cyber related incident handling.
• Know the latest APT tactics and techniques and use engineering practices to detect and respond.
• Provide technical expertise to engineering teams on standard methodologies tools and frameworks.
• Work with product managers senior management and end users to drive security maturity across the business.
• Be available for on call support during off hours
• Be flexible to work on weekend shifts and avail weekly offs during weekdays

This role requires

Must-have:

• Willingness to work in rotational shifts including Day Afternoon and Night shifts
• You have at least two years of recent experience working in a threat hunting threat intelligence incident response SOC analyst or security engineering role
• Experience configuring security incident and event management tools including creating event filtering correlation rules and reports
• Strong understanding of the MITRE ATT&CK Framework
• Experience performing risk assessment threat tracking or vulnerability management and success in evaluating and communicating severity impact and likelihood of a risk to a wide audience
• Familiarity with digital forensic tools and techniques for hands-on response during incidents

Bonus points if you have

• Experience creating SOAR workflows and automation
• Experience building a successful SOC or developing incident response plans or runbooks
• Software engineering experience primarily in Python or other high-level programming language
• Experience in cloud detections (AWS Azure GCP)
• Experience with DevOps CI/CD pipelines including Terraform Atlantis Ansible Kubernetes and Argo
• Experience with enterprise Kubernetes deployments including EKS

Fostering a diverse welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best most authentic selves to work every day. We celebrate our talented Relics different backgrounds and abilities and recognize the different paths they took to reach us including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. Were looking for people who feel connected to our mission and values not just candidates who check off all the boxes.

If you require a reasonable accommodation to complete any part of the application or recruiting process please reach out to .

We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success including fully office-based fully remote or hybrid.

Our hiring process

In compliance with applicable law all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers means that a criminal background check is required to join New Relic.

We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including but not limited to theSan Francisco Fair Chance Ordinance.

Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic.

New Relic develops and distributes encryption software and technology that complies with U.S. export controls and licensing requirements. Certain New Relic roles require candidates to pass an export compliance assessment as a condition of employment in any global location. If relevant we will provide more information later in the application process.

Candidates are evaluated based on qualifications regardless of race religion ethnicity national origin sex sexual orientation gender expression or identity age disability neurodiversity veteran or marital status political viewpoint or other legally protected characteristics.

Review our Applicant Privacy Notice at