Incident Response Engineer

Job Description

This role plays a critical part in the organization's security operations program, supporting incident response, threat detection, and asset intelligence across endpoint, identity, and cloud environments. The individual will work closely with security operations, IT, and engineering teams to investigate alerts, respond to incidents, and continuously improve visibility into enterprise assets using the Axonius platform.

On the incident response side, this role is responsible for triaging and analyzing security alerts, validating threats, and supporting containment and remediation efforts in accordance with established incident response procedures. The individual will help ensure incidents are accurately documented, escalated appropriately, and used as learning opportunities to strengthen detection coverage and reduce future risk.

From an asset intelligence perspective, this role will focus on developing and maintaining a trusted asset inventory by configuring data sources, validating integrations, and resolving data quality issues within Axonius. The individual will identify asset visibility gaps, investigate root causes of incomplete or inconsistent data, and partner with internal teams to improve overall data hygiene and system alignment. Additionally, this role contributes to the ongoing maturation of security operations by supporting detection tuning, tooling optimization, automation initiatives, and documentation. The individual will help improve signal quality, reduce false positives, and enhance operational playbooks and runbooks to ensure consistent, repeatable security outcomes.

payrate - $70-80/hr

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:

Skills and Requirements

• 7+ years of experience investigating and responding to security alerts across endpoint, identity, and cloud environments, including EDR tooling

• Strong understanding of incident response workflows (analysis, containment, remediation, documentation, and escalation procedures)

• Experience configuring, onboarding, and maintaining Axonius data sources, with a focus on asset visibility and accuracy

• Proven ability to validate asset data, identify discrepancies or gaps

• Ability to collaborate effectively with security, IT, and engineering teams - Experience tuning detections to reduce false positives and improve signal fidelity

• Exposure to security monitoring enhancements, tooling optimization, or automation efforts

• Experience developing queries, dashboards, and reports for security or asset intelligence use cases

• Background contributing to documentation, operational playbooks, and runbooks

• Prior experience in a SOC, IR, or security operations environment