More jobs:
Consulting/Principal Security Engineer
Job in
Raleigh, Wake County, North Carolina, 27601, USA
Listed on 2026-07-08
Listing for:
LexisNexis Risk Solutions
Full Time
position Listed on 2026-07-08
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
This role requires deep expertise in leading complex incident response efforts across hybrid environments and advancing cloud-native detection and monitoring capabilities, particularly within AWS. The role also owns the incident response program’s readiness lifecycle—including tabletops, cyber range exercises, and after-action governance—to ensure continuous improvement and operational resilience.
Job Description BASIC FUNCTIONS:
This position will provide strategic and tactical incident response leadership, providing management with insight and input into overall security operations decisions based on advances in technology and the evolving threat landscape. The position supports the Information Security department’s goals and objectives by leading escalations and coordinating response activities across multiple technical teams, ensuring consistent execution of triage, containment, eradication, and recovery.
This position serves as the senior incident commander, establishes and maintains incident response readiness (playbooks, communications patterns, exercises), and drives detection and response improvements through lessons learned and measurable program outcomes.
QUALIFICATIONS:
10+ years of IT security experience, including significant incident response leadership in enterprise environmentsBS Engineering/Computer Science or equivalent experience required; advanced degree preferred
Preferred: incident handling/forensics-focused certifications (e.g., GCIH, GCFA or equivalent) and cloud security certification(s) (AWS/Azure/GCP)
TECHNICAL
SKILLS:
Advanced knowledge of modern security operations environments, including hybrid enterprise architectures and common attack paths.
Demonstrated experience leading incident response activities across complex hybrid environments, including on-premises infrastructure and multi-cloud platforms (AWS, Azure, GCP).Strong hands-on experience engineering detections, telemetry, and monitoring solutions within AWS (e.g., Cloud Trail, Guard Duty, VPC Flow Logs, and related services).Expertise in incident command practices: severity assessment, stakeholder coordination, containment strategies, evidence handling, eradication and recovery planning, and post-incident review.
Strong ability to monitor, triage, and investigate security events; apply structured analysis for anomalous activity and adversary behaviors.
Experience with enterprise logging and telemetry pipelines, log onboarding strategies, and data quality expectations (coverage, fidelity, retention).Experience improving detection quality and signal-to-noise (e.g., tuning, suppression, enrichment, validation, and feedback loops).Working knowledge of identity and access security concepts (SSO/MFA, privileged access, conditional access) and identity-driven attack patterns and detections.
Understanding of compliance and governance initiatives and the ability to translate requirements into operational controls, procedures, and evidence.
Vulnerability and exposure understanding sufficient to prioritize response actions (active exploitation, blast radius, compensating controls) and guide remediation.
Familiarity with automation/SOAR concepts and scripting for investigation and response workflows (e.g., Python/Power Shell or equivalent).Ability to develop and implement incident response programs with measurable outcomes (response readiness, containment speed, detection coverage, exercise cadence).Strong organization/project planning, time management, and change…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×