11 Incident Response jobs in Ireland

Description
Amazon is seeking for a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key job responsibilities
- Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
- Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
- Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
- Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
- Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
- Keeping your knowledge and skills current with the rapidly changing threat landscape.
- Participating in a follow-the-sun on-call rotation.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- BS in Computer Science, Information Security, and 5+ years of experience with incident response.
- Experience with common security monitoring, log analysis and forensic tools.
- Proficient in one or more scripting languages (E.g: Python, Perl, Bash, PowerShell, etc.)
- Able to perform DFIR and provide incident command at all stages (identification, containment, eradication, recovery, etc) while coordinating with various teams and providing reporting to leadership.
Preferred Qualifications
- Technical depth in one or more specialties including: application security, infrastructure security, digital forensics, malware analysis, threat hunting or some combination thereof.
- Relevant industry certifications from SANS, ISC2, etc.
- Experience working as part of a Computer Security Incident Response Team (CSIRT)
- Familiarity/experience with AWS services and security concepts.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
+ This is a hybrid role, requiring the successful candidate to attend our Tralee office.
**Role Description**
As a Cyber Incident Response Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of like-minded professionals and leverage this passion to ensure our monitoring and response capabilities are effective and efficient and that we keep pace with a rapidly changing threat landscape.
You will relish your core role in supporting the monitoring and response of cyber security alerts and incidents by digging into and investigating them to find the root cause and identifying the gap in controls that allowed a threat to reach that point in the kill chain. If you identify an incident, you will lead that technical analysis, tracking down the actions of that threat actor as part of the incident response, while supported by the wider Incident response process and members of the SOC and CSIRT teams. If you identify a false positive, you will drive the effort to tune or refine our detections, or to drive improvements to our preventative controls to prevent a recurrence, freeing more time for the SOC to focus on improving our skills and capabilities. With your knowledge and expertise, you will develop and hone the SOC through work-product review, mentoring, and ownership of projects to develop the technical capabilities of the SOC.
As part of a wider team of SOC analysts, you are able to focus on an area you are passionate about, or if sufficiently experienced, take the lead. You will develop deep expertise and expand our capabilities in domains ranging from across Purple Teaming, Threat hunting, Digital Forensics and Incident Response (DFIR), Security Automation, Detection Engineering and Threat Intelligence and share this knowledge to develop the depth of knowledge of the SOC. As part of a Financial Group with offices and data centers across the Globe, you will have access and exposure to leading technologies and tools. If there is a gap in our toolset, you can help us identify and bridge that gap by acting as Subject Matter Expert to do so. You will bring fresh ideas, challenge the status quo, and seek always to answer - how can we improve?
This role is best suited for candidates who enjoy and have experience within SOC or CSIRT teams and enjoy investigating and finding the root of an issue or incident and working on getting the most from leading edge security toolsets and platforms and processes. Candidates who excel will think critically to find ways to resolve security challenges. This role would suit an experienced and self-motivated cyber security professional with strong technical skills and knowledge combined with a passion for cyber security.
Note: Expectation is to be onsite once a month for this role.
**Role Objectives**
-Act as technical lead in the development and enhancement of capabilities such as Cyber Monitoring & Response/Purple Teaming/Threat Hunting/Digital Forensics/Incident Response
-Act as an escalation point for the analysis of security alerts or technical response to security events and incidents
-Review and guide the SOC personnel for well-written, complete, and thorough analysis
-Mentor and guide more junior SOC personnel sharing your knowledge and expertise.
-Develop and improve monitoring & response playbooks.
-Conduct proactive threat hunting and DFIR activities.
-Develop deep expertise in our monitoring systems and technology to act as an SME in working with our detection engineering and automation teams to enhance our abilities to prevent, detect & respond.
-Identify and test new adversary TTPs and our ability to detect and respond to them.
-Identify opportunities for efficiency, work hand in hand with Security Automation team to automate and improve our response processes.
-Assist in the implementation and ongoing support of security systems, acting as an SME for SOC related projects.
-Execute tasks or support projects to enhance team's capabilities.
-Assist in defining SOC requirements for information technology projects.
-Act as a role model and set the standard for technical analysis within the SOC.
-Providing strong mentorship and guidance to more junior SOC team members by acting and leading by example. Bring a positive outlook and seek to motivate and inspire your fellow team members.
-Demonstrate comprehensive understanding of cyber security best practices, risk vectors, mitigation techniques and protection software. Display knowledge of network security concepts and tools such as firewalls, proxy servers, email security and suspicious traffic flows. Exhibit analytical ability to lead incident response and mitigation efforts as well as identify key areas for improvement from post-incident analysis. Show ability to convey cyber security polices and concepts to employees and lead training efforts to ensure all employees follow recommended best practices relating to cyber security.
-Strong understanding of MITRE ATT&CK Cyber Kill Chain and similar frameworks.
-Strong knowledge of security controls related to the detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA).
-Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
**Qualifications and Skills**
-5+ years of experience in cyber security experience required, ideally in a SOC, DFIR, or CSIRT role.
-Strong verbal and written communication skills with experience in documenting their work to a high level.
-Professional Certifications an advantage but not essential if have requisite role knowledge, GCIH, GNFA, GFCA, Certified Ethical Hacker (CEH), OSCP, CISSP or similar certifications a plus.
-Must be self-directed with the ability to work independently.
-Ability to multi-task and remain productive in a service-driven and results oriented environment.
-Demonstrated strong organizational, analytical, and problem-solving skills.
**Additional Requirements**
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Cyber Incident Response & Engineering Lead - Dublin (Hybrid) We're hiring a Cyber Security Incident Response & Engineering Lead to help guide our enterprise-level Security Operations Centre. You'll lead both incident response and detection engineering efforts, mentoring a team and owning tooling across SIEM, SOAR, and EDR platforms. What you'll do: Lead response to major security incidents across multiple clients Own SIEM/SOAR/EDR architecture and tuning Run tabletop exercises and post-incident reviews Mentor and support SOC analysts and engineers Drive continuous improvement across tooling and workflows What you'll bring: 5+ years in cyber security, with incident response leadership Strong hands-on experience with SIEM, SOAR, EDR platforms Ability to guide and mentor a team Knowledge of MITRE ATT&CK, kill chains, forensic investigation Clear communicator under pressure Apply today or email #therealrecruiter #IncidentResponse #SIEM #SOAR #SOCLeadership #CyberJobs

About Us:
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
How We Work:
At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.
**About Proofpoint**
At Proofpoint, we are committed to protecting organizations and individuals from cyber threats through innovative security solutions. Our mission is to safeguard our customers from advanced threats, phishing attacks, and data breaches with cutting-edge technology and a global team of security experts.
**Role Overview**
We are seeking an experienced **Information Security Engineer** to join our global security team in Cork, Ireland. This is a critical role within our **Cyber Incident Response Team (CIRT)** , responsible for managing and responding to security incidents across our global operations. You will serve as an **escalation point for our 24/7 Security Operations Center (SOC)** and play a key role in the automation, orchestration, and enhancement of our security incident response capabilities.
This position requires deep expertise in cybersecurity, strong analytical skills, and the ability to work collaboratively in a fast-paced environment. If you thrive in a role where you can actively **defend against cyber threats, conduct threat hunting, and drive security automation** , this opportunity is for you.
**Key Responsibilities**
+ **Incident Response & Escalation:**
+ Act as the **L3 escalation point** for high-severity security incidents within the **global 24/7 SOC** .
+ Lead **complex investigations** into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats.
+ Provide **expert-level guidance** on containment, mitigation, and remediation strategies.
+ **Threat Hunting & Threat Assessment:**
+ Proactively hunt for **hidden threats** within enterprise networks using threat intelligence and behavioral analytics.
+ Develop and refine **threat detection rules** to improve SOC visibility.
+ Assess emerging threats and provide actionable recommendations to enhance security posture.
+ **Security Automation & Orchestration:**
+ Design and implement **automated workflows** to enhance security event triage and response.
+ Leverage **SOAR (Security Orchestration, Automation, and Response) platforms** to streamline incident response.
+ Work with **SIEM (Security Information and Event Management)** tools to optimize log ingestion and alerting mechanisms.
+ **Security Tooling & Continuous Improvement:**
+ Collaborate with security architects and engineers to **enhance detection and response capabilities** .
+ Perform **root cause analysis** on security incidents and recommend improvements to security controls.
+ Stay updated on **industry best practices** and evolving attack techniques to ensure effective defenses.
**Required Qualifications & Experience**
+ **Extensive hands-on experience** in **Cybersecurity Incident Response** or Security Operations.
+ Strong background in **SOC operations, SIEM, threat intelligence, and digital forensics** .
+ Expertise in investigating **malware, phishing, web attacks, insider threats, and advanced persistent threats (APTs)** .
+ Experience working with **security automation and orchestration tools (SOAR)** .
+ Familiarity with scripting languages such as **Python, PowerShell, or Bash** for security automation.
+ Strong understanding of **MITRE ATT&CK framework** , TTPs (Tactics, Techniques, and Procedures), and cyber kill chain.
+ Hands-on experience with **cloud security (AWS, Azure, GCP)** is a plus.
+ Certifications such as **GCIH, GCFA, CISSP, CISM, or OSCP** are highly desirable.
+ Ability to work in a fast-paced, global environment and **collaborate with cross-functional teams** .
**Why Proofpoint**
Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly 'culture-add', and we strongly encourage people from all walks of life to apply.
We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. If you're an experienced governance and compliance leader with a passion for building teams and driving security excellence, we'd love to hear from you!
Apply today and explore your future at Proofpoint! #LifeAtProofpoint
#LI-CB1
Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us:
- Competitive compensation
- Comprehensive benefits
- Learning & Development: We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
- Flexible work environment: (Remote options, hybrid schedules, flexible hours, etc.).
- Annual wellness and community outreach days
- Always on recognition for your contributions
- Global collaboration and networking opportunities
Our Culture:
Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to . How to Apply Interested? Submit your application here . We can't wait to hear from you!
Proofpoint has been honored with six Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Career Growth, Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams.
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
Our BRAVE Values:
At Proofpoint, we are BRAVE in everything we do, and our values aren't just words-they shape how we work, collaborate, and grow.
We seek people who are bold enough to challenge the status quo, responsive in the face of ever-evolving threats, and accountable for delivering real impact.
We value those with a visionary mindset who anticipate what's next and push cybersecurity forward, and we celebrate exceptional execution that ensures we continue to defend data and protect people.
Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.
Find your network, your allies, and your biggest fans. We know that work is simply better when you're surrounded by people who inspire you-who share ideas, cheer you on, and genuinely want to see you succeed. That's why we offer social circles, sponsored networks, and connection points across teams and time zones-to help you find your people, build your community, and thrive together.
This isn't just a job-it's a mission to protect people and defend data in a world that never slows down. We're building the future of human-centric cybersecurity, and that future belongs to all of us. We take ownership, move fast, and hold ourselves accountable-because that's what it takes to stay ahead. And we do it together, winning as one.
Be empowered to reach your full potential through meaningful challenges and personalized support-designed around you and your goals. Whether you're growing as a leader or leveling up from great to exceptional as an individual contributor, we're here to help you get there.
Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- 1+ years of experience building/operating on the AWS platform
- 2+ years of threat detection or incident response experience
- 3+ years of experience in technical IT security or related job role
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience with programming languages such as Python, Java, C+- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Experience performing incident response activities
- 1+ years of experience building/operating on the AWS platform
- 3+ years of experience in technical IT security or related job role
- 2+ years of threat detection or incident response experience
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Experience managing customers during a security event, including managing customer expectations and delivering results.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Experience performing incident response activities.
- 1+years of experience building/operating on the AWS platform
- 3+years of experience in technical IT security or related job role
- 2+ years of threat detection or incident response experience
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Experience managing customers during a security event, including managing customer expectations and delivering results.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
+ This is a hybrid role, requiring the successful candidate to attend our Tralee office.
**Role Description**
SMBC is seeking a Cyber Security Analyst who has a strong passion for Information Security Operations and is interested in building a career at a fast growing and reputable Bank. The Cyber Security Analyst will assist with monitoring, reviewing and performance of audits on security lists. The successful candidate will access logs, policy compliance reports and threat detection. They will be given opportunities to participate in monitoring network traffic for signs of irregular activity that may indicate a breach. You will provide incident response and support in the event of a cyber security event. You will play a key role in troubleshooting and remediate any issues and analyze threats once they have been contained. This role will report to the Cyber Monitoring & Response Team Lead.
**Role Objectives: Delivery**
+ Act as a core member of the Cyber Monitoring & Response in support of the bank
+ Analyze security alerts and respond to security events and incidents.
+ Maintain and update monitoring & response playbooks.
+ Conduct proactive threat hunting.
+ Develop expertise in our monitoring systems and technology and support Threat Detection team developing new detection ideas.
+ Identify opportunities for efficiency, work hand in hand with Security Automation team to automate and improve our response processes.
+ Assist in the implementation and ongoing support of security systems.
+ Execute tasks or support projects to enhance team's capabilities.
+ Follow standards for security excellence within the SOC.
+ Bring a positive outlook and seek to motivate and inspire your fellow team members.
+ Demonstrate understanding of cyber security best practices, risk vectors, mitigation techniques and protection software.
+ Display basic knowledge of network security concepts such as firewalls, proxy servers, email security and suspicious traffic flows.
+ Exhibit proficiency to quickly identify potential cyber security threats from logs and monitoring, and follow steps to minimize impact.
+ Show ability to convey cyber security polices and concepts to employees and conduct training efforts to ensure all employees follow recommended best practices relating to cyber security.
+ Understanding of MITRE Cyber Kill Chain and similar frameworks.
+ Knowledge of security controls related to the detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA).
+ Knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
**Qualifications and Skills**
+ Bachelors Degree in Cyber Security.
+ Strong organizational, analytical, and problem-solving skills.
+ Have strong verbal and written communication skills.
+ Ability to demonstrate a self-motivated and disciplined approach to learning and working.
+ Ability to work in a team environment and demonstrate leadership skills when needed.
+ Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple personal tasks, projects, and goals.
+ 1- 3 years of experience highly desired
**Additional Requirements**
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Logitech is the Sweet Spot for people who want their actions to have a positive global impact while having the flexibility to do it in their own way.
Location: Cork, Ireland - Hybrid (2 days a week on site)
The Cybersecurity GRC Analyst is responsible for providing Governance, Risk and Compliance support to the Cybersecurity team. This position will report to the Head of IT GRC and will be based at the Cork office located in Ireland.
**Your Contribution:**
Be Yourself. Be Open. Stay Hungry and Humble. Collaborate. Challenge. Decide and just Do. Share our passion for Equality and the Environment. These are the behaviors you'll need for success at Logitech. In this role you will:
+ Identify and document business risks, and coordinate remediation of vulnerabilities and threats using repeatable risk assessment methodologies and processes. This may include producing and analyzing output from infrastructure, database, data classifications or web application vulnerability assessments and developing spreadsheets, diagrams, Word documents and reports as requested.
+ Communicate effectively with management, engineers, customers and others regarding the need of cybersecurity and in the implementation and maintenance of appropriate controls (ISO 27001, NIST 800-53) to mitigate significant risks.
+ Train assigned team members on security best practices.
+ Identify and communicate recommended security and control deficiencies for business units. Document and monitor the implementation of controls for technology and business project plans.
+ Help drive the Cybersecurity Compliance and Governance program.
+ Develops and maintains a data inventory, conducting regular reviews and risk assessments.
+ Develops, implements and maintains the data security plan according to Cybersecurity Leadership guidance.
+ Maintains contact and coordination with internal/external audit and prepares responses to audit reports.
+ Provides guidance and risk assessments of new and existing solutions, services, and business processes.
+ Becomes an expert and provides direction around the administration of the GRC platform to ensure compliance program operates efficiently with minimal impact on control owner
+ Develop policy documents with supporting procedures in support of compliance programs.
**Key Qualifications:**
For consideration, you must bring the following minimum skills and behaviors to our team:
+ 3 years of security, information technology or technology risk management related work experience.
+ Two years of GRC experience with a strong understanding of how to design and execute compliance activities
**In addition,** **preferable** **skills and behaviors include:**
+ Strong communication and organizational skills, ability to multitask, strong attention to details, excellent problem solving and follow-up skills required.
+ Work independently, make decisions and multi-task effectively in a very diverse, project oriented environment.
+ Excellent written communication and time management abilities
+ Program Management (using frameworks, establishing policies and controls for compliance requirements)
+ Comfort working with a globally dispersed team relying heavily on communication/collaboration tools
**Education:**
+ A Bachelor's Degree (or equivalent) and 3+ years of experience in one of the following functions: Corporate/Risk Governance, Compliance, Project Management or related areas.
Across Logitech we empower collaboration and foster play. We help teams collaborate/learn from anywhere, without compromising on productivity or continuity so it should be no surprise that most of our jobs are open to work from home from most locations. Our hybrid work model allows some employees to work remotely while others work on-premises. Within this structure, you may have teams or departments split between working remotely and working in-house.
Logitech is an amazing place to work because it is full of authentic people who are inclusive by nature as well as by design. Being a global company, we value our diversity and celebrate all our differences. Don't meet every single requirement? Not a problem. If you feel you are the right candidate for the opportunity, we strongly recommend that you apply. We want to meet you!
We offer comprehensive and competitive benefits packages and working environments that are designed to be flexible and help you to care for yourself and your loved ones, now and in the future. We believe that good health means more than getting medical care when you need it. Logitech supports a culture that encourages individuals to achieve good physical, financial, emotional, intellectual and social wellbeing so we all can create, achieve and enjoy more and support our families. We can't wait to tell you more about them being that there are too many to list here and they vary based on location.
All qualified applicants will receive consideration for employment without regard to race, sex, age, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
If you require an accommodation to complete any part of the application process, are limited in the ability, are unable to access or use this online application process and need an alternative method for applying, you may contact us toll free at +1- for assistance and we will get back to you as soon as possible.