×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Incident Response Consultant L1

Job in Plano, Collin County, Texas, 75086, USA
Listing for: Armor Defense
Full Time position
Listed on 2026-02-24
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: INCIDENT RESPONSE CONSULTANT L1

At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud‑centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes.

We are passionate about making a positive impact in the world, and we’re looking for a highly skilled and experienced talent to join our dynamic team.

Armor has unique offerings to the market so customers can a) understand their risk b) leverage Armor to co‑manage their risk or c) completely outsource their risk to Armor.

Learn more at:

WORK LOCATION & SCHEDULE
  • Plano, Texas:
    Hybrid schedule with mandatory in‑office days on Tuesday, Wednesday, and Thursday.
SUMMARY

Armor is seeking an Incident Response Consultant to provide security consultation and incident response services to our managed security customers. This is an in‑office position based at one of our SOC locations. This position consults with customers on security events, analyzes threats using professional judgment, and provides recommendations on detection, response, and remediation strategies. Working directly with customers across diverse environments, this role delivers expert guidance through the incident response lifecycle.

ESSENTIAL DUTIES AND RESPONSIBILITIES (Additional duties may be assigned as required)
  • Consult with customers on security events, providing analysis and recommendations for response actions tailored to their environment.
  • Analyze security data across SIEM, EDR, and cloud platforms to identify threats and advise on appropriate countermeasures.
  • Provide guidance to customers through the incident response lifecycle based on NIST 800‑53 and SANS best practices.
  • Investigate potential compromises and recommend remediation strategies appropriate to customer risk tolerance and business requirements.
  • Advise customers on security best practices, control improvements, and risk mitigation approaches.
  • Analyze emerging threats and vulnerabilities; provide recommendations on defensive measures.
  • Document findings, recommendations, and consultation outcomes for customer delivery.
  • Collaborate with senior consultants on complex engagements and escalate as appropriate.
REQUIRED SKILLS
  • Linux and Windows Server administration fundamentals.
  • Familiarity with cloud platforms (Azure, AWS, GCP) and their security services.
  • Working knowledge of security tools: EDR, SIEM (Sentinel, Splunk, etc.), SOAR, and threat intelligence platforms.
  • Understanding of networking fundamentals, TCP/IP, and common attack techniques.
  • Ability to read and modify code (Python, Power Shell, KQL) for analysis and automation.
  • Working knowledge of git version control including branching, commits, and pull request workflows.
  • Proficiency with AI‑assisted tools (Claude Code, Git Hub Copilot, or equivalent) for accelerating security analysis and task automation.
  • Understanding of AI/LLM security risks including prompt injection, data leakage, and model limitations.
  • Ability to critically evaluate AI‑generated outputs for accuracy and security implications.
  • Willingness to adopt agentic AI workflows and AI‑augmented tooling as part of daily security operations.
  • Analytical mindset with ability to identify indicators of compromise and correlate events across data sources.
  • Strong communication skills with ability to convey technical concepts to diverse audiences.
  • Customer‑focused with professional consulting demeanor.
EDUCATION AND/OR EXPERIENCE
  • 1‑3 years of experience in security operations, incident response, or security consulting. Prior SOC analyst or IR experience preferred.
  • Required certifications within 12 months:
    Microsoft Azure Security Technologies (AZ‑500), Microsoft Security Operations Analyst (SC‑200), Microsoft Identity and Access Administrator (SC‑300).
  • Certifications preferred:
    Security+, CySA+, CEH.
  • Associate’s or Bachelor’s Degree in Information Technology, Cybersecurity, or related field preferred.
WHY ARMOR

Join Armor if you want to be part of a company that is redefining cybersecurity. Here,…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search