Mid-Senior Security Engineer - Incident Response (Remote)

About the Role

Are you ready to take on a new challenge as a Security Engineer - Incident Response remote? At Prima, we are rethinking motor insurance and leveraging technology to provide an exceptional experience for our drivers. Since our inception in 2015, we have grown to become the leading online motor insurance provider in Italy, and we are now expanding into the UK and Spain. We are looking for a talented Security Engineer focused on Incident Response to join our dynamic Security Team.

What You'll Do

• Strengthen EDR/XDR and DLP configurations to enhance our security posture.
• Define new automatic detections of security events in our SIEM, ensuring timely responses to incidents.
• Improve automatic enrichment and integration with SIEM/SOAR to streamline incident management.
• Automate security alerts triage and develop Incident Response playbooks to enhance efficiency.
• Define runbooks to be utilized during Incident Response, ensuring clarity and effectiveness.
• Lead and execute Table Top eXercises (TTX) with various teams to test our incident response capabilities.
• Oversee on-call shifts, ensuring 24x7 security support for our operations.
• Collaborate with the Security Engineering team on all activities, contributing to a culture of curiosity and experimentation.

Requirements

• Hands-on experience with SIEM and SOAR platforms, demonstrating your expertise in security operations.
• Proficiency in using Crowdstrike or similar EDR/XDR solutions to protect our systems.
• Experience with MDM solutions and security in AWS and Kubernetes (EKS).
• Strong scripting and programming skills, particularly in Python and Rust.
• Availability for on-call shifts to guarantee continuous security support.
• Excellent English communication skills, enabling effective collaboration with multidisciplinary teams.
• Self-motivated and proactive, with strong problem-solving skills and accountability for deliverables.
• Experience working in an Agile environment, adapting to fast-paced changes.

Nice to Have

• Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar are preferred.
• Experience with Google Chronicle and Web Application Firewall configuration (e.g., Cloudflare).
• Familiarity with CI/CD systems and Infrastructure as Code (e.g., Python Pulumi).
• Knowledge of Cloud Control Frameworks (e.g., CIS, CSA, NIST).
• Understanding of web and mobile application security.
• Experience in security research, bug bounty programs, or CTFs.

What We Offer

• Flexible work arrangements: work from home, the office, or a mix of both.
• Opportunity to work from anywhere for up to 30 days a year.
• Access to learning resources, mentorship, and a tailored growth plan.
• Private healthcare, gym discounts, wellbeing programs, and mental health support.
• Join a diverse team that celebrates uniqueness and innovation.

If you are passionate about cybersecurity and believe you are a match for this Security Engineer - Incident Response remote position, we encourage you to apply now. At Prima, we value diverse perspectives and are committed to building an inclusive team.