18 Security Operations jobs in Ireland

**Job Description**
We are looking for people with experience protecting critical infrastructure to help us protect Oracle's enterprise against malicious attacks. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across IaaS, PaaS and SaaS environments. You will lead a global Security Operations Center organization responsible for defending this infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis and response, and responding in real time to adverse security events. Our team is the last line of defense if security controls are breached. The scope of responsibility for team is continuing to grow with the needs of the business and we are constantly evolving our defenses as our adversaries evolve theirs. We're building a future based on scaling through automation, proactive hunting, and rapid response. We're finding new and innovative ways to operate at hyper-scale using cutting edge technologies. We're looking for a leader that will take this function into the future.
The role
OCI Security Operations is looking for an accomplished leader to head our Global Security Operations Center charged with protecting Oracle's Cloud Infrastructure, Global Industry Units, Oracle Health, Government infrastructure (including Top Secret environments, and Oracle's corporate network. As the leader of this team, you will drive SOC strategy, standards, and execution for protecting infrastructure that support billions of dollars in annual revenue. Your team will provide detection, triage, and investigation of all adverse security events. You will be responsible for 24x7x365 security operations of a global team with personnel on five continents.
Key Responsibilities
+ Manage the day-to-day delivery of multiple security monitoring teams and outcomes, including triage, escalations, proactive hunting, and tactical response
+ Adapt the team's approach to security monitoring to ensure the team can scale as Oracle's cloud footprint grows
+ Create consistent processes that work in a hybrid enterprise environment
+ Lead, mentor, and provide career development for a team of 100+ personnel
+ Develop and deliver long term strategies and roadmaps for security monitoring of our internal networks and security monitoring as a service for our customers
+ Lead the development of processes and procedures to improve system and service uptime, maintenance, and delivery
+ Stay informed on security developments, including research industry trends, ongoing security threats, and new security tools
+ Identify, improve, and measure meaningful security monitoring metrics, including defining and delivering against objectives and key results
+ Effectively communicate security concepts, asks, and wins with audiences consisting of both security experts and non-experts
+ Establish, grow, and maintain a supportive and collaborative team culture across distributed time zones
+ Develop hiring plans and strategic plans to attract, develop, and retain talent
+ Communicate effectively with customers, partners, and senior executives
+ Collaborate effectively with other Oracle security teams operating within a federated security environment
Preferred Qualifications
+ 10+ years of management experience in cybersecurity operations at a cloud service provider
+ 5+ years of experience as a manager of mangers
+ Experience being accountable for an operational security function
+ Excellent written, verbal communications, and presentation skills
+ Proven ability to communicate with all levels of the organization, and with external parties
+ Experience managing various facets of Red/Blue exercises
+ Knowledge of current adversary TTP's and experience responding to APT attacks
+ Understanding of security incident response processes and technologies
+ Knowledge of security monitoring processes and technologies
+ Proven ability to work and collaborate in a geographically dispersed, highly matrixed organization
+ Extensive knowledge of forensic tools and capabilities
+ Experience coordinating threat hunt activities
+ Experience leading a distributed security organization with 75+ staff
+ Experience working on a security team of 100+ staff
+ Security Operations experience in an environment with highly regulated controls (Government, Military, Finance, etc)
+ BS or MS degree in Computer Science, Computer Engineering, Information Systems, Cyber Security, or equivalent experience
**Responsibilities**
As a director of the software engineering division, you will apply your extensive knowledge of software architecture to manage software development tasks associated with developing, debugging or designing software applications, operating systems and databases according to provided design specifications. Build enhancements within an existing software architecture and envision future improvements to the architecture.
Career Level - M5
**About Us**
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity.
We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing or by calling +1 in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Description
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. Amazon Security Platform Engineering provides the tools that allow Amazon to secure the cloud, our employees, and our customers.
At Amazon Security, we hire the best minds in technology to innovate and build on behalf of our customers. The intense focus we have on our customers is why we are one of the world's most beloved brands - customer obsession is part of our company DNA.
Amazon Security is a multidisciplinary team comprised of software engineers, security engineers, program managers, data engineers, and compliance specialists. If you are looking for an opportunity to think big, invent, experiment, build, and have a material impact on cloud security and compliance, this is it.
AWS Security Operations Centre (SOC) Software Engineering team builds and owns services that automate and power security processes within Amazon. As an SDE on the SOC Software Engineering team, your role is pivotal in maintaining the robust and innovative solutions of our team. The team You will work on complex challenges in existing and new development initiatives, focusing on areas with ambiguity. Your goal is to design and develop software systems that are secure, maintainable, scalable, and extendable. You will develop an understanding of the business impact of your systems and make responsible trade-offs between the short-term operational needs and long-term business objectives. Professional traits that are not unique to this position, but necessary for Amazon leaders:
- Exhibits excellent judgment.
- Has relentlessly high standards (is never satisfied with the status quo).
- Is able to dive deep and is never out of touch with the details of the business or the technology.
- Expects and requires innovation of their team.
- Has passion and convictions and the innate ability to inspire passion in others.
- Strong results orientation.
- Thinks big.
Amazon will provide relocation support for successful applicants relocating within the European Union.
Key job responsibilities
- Write high-quality, efficient, and testable production code.
- Build highly available, secure distributed systems at Amazon scale
- Be an end-to-end technical owner of the services you build, including development, testing and support.
- Make a direct contribution to planning, design, implementation, testing, operations, and process improvement as a member of an Agile team.
- Be part of growing, tight-knit team within a wider community of experienced and knowledgeable engineers.
A day in the life
Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we're building an environment that celebrates knowledge sharing and mentorship. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- Experience (non-internship) in professional software development
- Experience designing or architecting (design patterns, reliability and scaling) of new and existing systems
- Experience programming with at least one software programming language
- Successful applicants must have the legal right to work in Ireland.
Preferred Qualifications
- Bachelor's degree in computer science or equivalent
- Experience with full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key job responsibilities
- Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
- Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
- Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
- Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
- Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
- Keeping your knowledge and skills current with the rapidly changing threat landscape.
- Participating in a follow-the-sun on-call rotation.
About the team
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- BS in Computer Science, Information Security, or equivalent professional experience
- 1-3 years of demonstrated experience in areas such as incident response, systems security, network security, and/or application security
- Proficiency in at least one programming language (e.g., Python, Go, PowerShell, Shell scripting, Perl, Ruby, Java, C++, C)
- Technical depth in two or more specialties including: digital forensics, malware analysis, network security, application security, security intelligence, and security operations
- Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies.
Preferred Qualifications
- Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support.
- 3+ years of information security experience.
- Relevant industry certifications from SANS, ISC2, etc.
- Strong demonstrated knowledge of Unix tools and architecture.
- Experience working as part of a Computer Security Incident Response Team (CSIRT)
- Familiarity/experience with AWS services and security concepts.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
+ This is a hybrid role, requiring the successful candidate to attend our Tralee office.
**Role Description**
As a Cyber Incident Response Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of like-minded professionals and leverage this passion to ensure our monitoring and response capabilities are effective and efficient and that we keep pace with a rapidly changing threat landscape.
You will relish your core role in supporting the monitoring and response of cyber security alerts and incidents by digging into and investigating them to find the root cause and identifying the gap in controls that allowed a threat to reach that point in the kill chain. If you identify an incident, you will lead that technical analysis, tracking down the actions of that threat actor as part of the incident response, while supported by the wider Incident response process and members of the SOC and CSIRT teams. If you identify a false positive, you will drive the effort to tune or refine our detections, or to drive improvements to our preventative controls to prevent a recurrence, freeing more time for the SOC to focus on improving our skills and capabilities. With your knowledge and expertise, you will develop and hone the SOC through work-product review, mentoring, and ownership of projects to develop the technical capabilities of the SOC.
As part of a wider team of SOC analysts, you are able to focus on an area you are passionate about, or if sufficiently experienced, take the lead. You will develop deep expertise and expand our capabilities in domains ranging from across Purple Teaming, Threat hunting, Digital Forensics and Incident Response (DFIR), Security Automation, Detection Engineering and Threat Intelligence and share this knowledge to develop the depth of knowledge of the SOC. As part of a Financial Group with offices and data centers across the Globe, you will have access and exposure to leading technologies and tools. If there is a gap in our toolset, you can help us identify and bridge that gap by acting as Subject Matter Expert to do so. You will bring fresh ideas, challenge the status quo, and seek always to answer - how can we improve?
This role is best suited for candidates who enjoy and have experience within SOC or CSIRT teams and enjoy investigating and finding the root of an issue or incident and working on getting the most from leading edge security toolsets and platforms and processes. Candidates who excel will think critically to find ways to resolve security challenges. This role would suit an experienced and self-motivated cyber security professional with strong technical skills and knowledge combined with a passion for cyber security.
Note: Expectation is to be onsite once a month for this role.
**Role Objectives**
-Act as technical lead in the development and enhancement of capabilities such as Cyber Monitoring & Response/Purple Teaming/Threat Hunting/Digital Forensics/Incident Response
-Act as an escalation point for the analysis of security alerts or technical response to security events and incidents
-Review and guide the SOC personnel for well-written, complete, and thorough analysis
-Mentor and guide more junior SOC personnel sharing your knowledge and expertise.
-Develop and improve monitoring & response playbooks.
-Conduct proactive threat hunting and DFIR activities.
-Develop deep expertise in our monitoring systems and technology to act as an SME in working with our detection engineering and automation teams to enhance our abilities to prevent, detect & respond.
-Identify and test new adversary TTPs and our ability to detect and respond to them.
-Identify opportunities for efficiency, work hand in hand with Security Automation team to automate and improve our response processes.
-Assist in the implementation and ongoing support of security systems, acting as an SME for SOC related projects.
-Execute tasks or support projects to enhance team's capabilities.
-Assist in defining SOC requirements for information technology projects.
-Act as a role model and set the standard for technical analysis within the SOC.
-Providing strong mentorship and guidance to more junior SOC team members by acting and leading by example. Bring a positive outlook and seek to motivate and inspire your fellow team members.
-Demonstrate comprehensive understanding of cyber security best practices, risk vectors, mitigation techniques and protection software. Display knowledge of network security concepts and tools such as firewalls, proxy servers, email security and suspicious traffic flows. Exhibit analytical ability to lead incident response and mitigation efforts as well as identify key areas for improvement from post-incident analysis. Show ability to convey cyber security polices and concepts to employees and lead training efforts to ensure all employees follow recommended best practices relating to cyber security.
-Strong understanding of MITRE ATT&CK Cyber Kill Chain and similar frameworks.
-Strong knowledge of security controls related to the detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA).
-Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
**Qualifications and Skills**
-5+ years of experience in cyber security experience required, ideally in a SOC, DFIR, or CSIRT role.
-Strong verbal and written communication skills with experience in documenting their work to a high level.
-Professional Certifications an advantage but not essential if have requisite role knowledge, GCIH, GNFA, GFCA, Certified Ethical Hacker (CEH), OSCP, CISSP or similar certifications a plus.
-Must be self-directed with the ability to work independently.
-Ability to multi-task and remain productive in a service-driven and results oriented environment.
-Demonstrated strong organizational, analytical, and problem-solving skills.
**Additional Requirements**
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

**About Abbott**
Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, Nutritionals and branded generic medicines. Our 110,000 colleagues serve people in more than 160 countries.
Abbott serves the Irish market with a diverse range of healthcare products including diagnostics, medical devices and Nutritionals products. In Ireland, Abbott employs over 4,000 people across nine sites. We have six manufacturing facilities located in Clonmel, Cootehill, Donegal, Longford and Sligo and a third-party manufacturing management operation in Sligo. Abbott has commercial, support operations and shared services in Dublin and Galway. We have been operating in Ireland since 1946
The successful candidate will join the Shared Services Centre **based in our EMEA Shared Services Hub in Cherrywood, Dublin**
We currently have a vacancy for a **Cyber Incident Response Analyst** who will work within the Cybersecurity team, looking after the EMEA and US markets.
**Responsabilities**
+ Analyze and respond to security incidents with urgency and precision, ensuring timely identification, containment, and eradication of threats across global operations.
+ Lead complex investigations and mentor junior analysts, managing escalations and contributing to the continuous development of the team's capabilities.
+ Design, implement, and manage security controls focused on identity management and email security, while staying ahead of emerging threats and technologies.
+ Collaborate cross-functionally with global teams to enhance the organization's overall security posture and incident response readiness.
+ Conduct forensic investigations to determine root causes and recommend preventive measures, contributing to long-term resilience.
+ Support tasks beyond traditional incident response, demonstrating flexibility and a proactive mindset in a dynamic environment.
+ Participate in global SOC operations, requiring strong communication, critical thinking, and the confidence to take calculated risks and learn from failure.
**Requirements**
+ Minimum of 5 years of experience in a Security Operations Center (SOC) or incident response role.
+ Strong technical expertise in identity management and email security solutions.
+ Solid understanding of SOC operations, threat detection, and response workflows.
+ Hands-on experience with forensic investigations and root cause analysis.
+ Excellent verbal and written communication skills, with the ability to convey complex information clearly.
+ Demonstrated critical thinking, adaptability, and a proactive approach to problem-solving.
+ Comfortable working in a fast-paced, high-pressure environment and outside of core business hours when needed.
+ Not afraid to fail-embraces challenges as learning opportunities and contributes to a culture of continuous improvement.
+ Professional certifications such as GIAC (GCIH, GCIA, GCFA) or similar are preferred.
+ Strong computer skills and experience with documentation, compliance, and reporting.
**What We Offer**
Attractive compensation package that includes **competitive pay and structure Bonus** , as well as benefits such as
+ Private Health Insurance for you and your family
+ Occupational Pension Scheme with an excellence contribution rate
+ Bonus Target
+ Life assurance
+ Career Development
+ Growing business plus access to many more benefits
Connect with us at , on LinkedIn at , on Facebook at and on Twitter @AbbottNews and @AbbottGlobal.
.
An Equal Opportunity Employer
Abbot welcomes and encourages diversity in our workforce.
We provide reasonable accommodation to qualified individuals with disabilities.
To request accommodation, please call or email

Description
Amazon is seeking for a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key job responsibilities
- Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
- Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
- Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
- Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
- Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
- Keeping your knowledge and skills current with the rapidly changing threat landscape.
- Participating in a follow-the-sun on-call rotation.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- BS in Computer Science, Information Security, and 5+ years of experience with incident response.
- Experience with common security monitoring, log analysis and forensic tools.
- Proficient in one or more scripting languages (E.g: Python, Perl, Bash, PowerShell, etc.)
- Able to perform DFIR and provide incident command at all stages (identification, containment, eradication, recovery, etc) while coordinating with various teams and providing reporting to leadership.
Preferred Qualifications
- Technical depth in one or more specialties including: application security, infrastructure security, digital forensics, malware analysis, threat hunting or some combination thereof.
- Relevant industry certifications from SANS, ISC2, etc.
- Experience working as part of a Computer Security Incident Response Team (CSIRT)
- Familiarity/experience with AWS services and security concepts.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

About Us:
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
How We Work:
At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.
**About Proofpoint**
At Proofpoint, we are committed to protecting organizations and individuals from cyber threats through innovative security solutions. Our mission is to safeguard our customers from advanced threats, phishing attacks, and data breaches with cutting-edge technology and a global team of security experts.
**Role Overview**
We are seeking an experienced **Information** **Security Engineer** to join our global security team in Cork, Ireland. This is a critical role within our **Cyber Incident Response Team (CIRT)** , responsible for managing and responding to security incidents across our global operations. You will serve as an **escalation point for our 24/7 Security Operations Center (SOC)** and play a key role in the automation, orchestration, and enhancement of our security incident response capabilities.
This position requires deep expertise in cybersecurity, strong analytical skills, and the ability to work collaboratively in a fast-paced environment. If you thrive in a role where you can actively **defend against cyber threats, conduct threat hunting, and drive security automation** , this opportunity is for you.
**Key Responsibilities**
+ **Incident Response & Escalation:**
+ Act as the **L3 escalation point** for high-severity security incidents within the **global 24/7 SOC** .
+ Lead **complex investigations** into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats.
+ Provide **expert-level guidance** on containment, mitigation, and remediation strategies.
+ **Threat Hunting & Threat Assessment:**
+ Proactively hunt for **hidden threats** within enterprise networks using threat intelligence and behavioral analytics.
+ Develop and refine **threat detection rules** to improve SOC visibility.
+ Assess emerging threats and provide actionable recommendations to enhance security posture.
+ **Security Automation & Orchestration:**
+ Design and implement **automated workflows** to enhance security event triage and response.
+ Leverage **SOAR (Security Orchestration, Automation, and Response) platforms** to streamline incident response.
+ Work with **SIEM (Security Information and Event Management)** tools to optimize log ingestion and alerting mechanisms.
+ **Security Tooling & Continuous Improvement:**
+ Collaborate with security architects and engineers to **enhance detection and response capabilities** .
+ Perform **root cause analysis** on security incidents and recommend improvements to security controls.
+ Stay updated on **industry best practices** and evolving attack techniques to ensure effective defenses.
**Required Qualifications & Experience**
+ **Extensive hands-on experience** in **Cybersecurity Incident Response** or Security Operations.
+ Strong background in **SOC operations, SIEM, threat intelligence, and digital forensics** .
+ Expertise in investigating **malware, phishing, web attacks, insider threats, and advanced persistent threats (APTs)** .
+ Experience working with **security automation and orchestration tools (SOAR)** .
+ Familiarity with scripting languages such as **Python, PowerShell, or Bash** for security automation.
+ Strong understanding of **MITRE ATT&CK framework** , TTPs (Tactics, Techniques, and Procedures), and cyber kill chain.
+ Hands-on experience with **cloud security (AWS, Azure, GCP)** is a plus.
+ Certifications such as **GCIH, GCFA, CISSP, CISM, or OSCP** are highly desirable.
+ Ability to work in a fast-paced, global environment and **collaborate with cross-functional teams** .
**Why Proofpoint**
Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly 'culture-add', and we strongly encourage people from all walks of life to apply.
We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. If you're an experienced governance and compliance leader with a passion for building teams and driving security excellence, we'd love to hear from you!
Apply today and explore your future at Proofpoint! #LifeAtProofpoint
#LI-CB1
Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us:
- Competitive compensation
- Comprehensive benefits
- Learning & Development: We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
- Flexible work environment: (Remote options, hybrid schedules, flexible hours, etc.).
- Annual wellness and community outreach days
- Always on recognition for your contributions
- Global collaboration and networking opportunities
Our Culture:
Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to . How to Apply Interested? Submit your application here . We can't wait to hear from you!
Proofpoint has been honored with six Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Career Growth, Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams.
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
Our BRAVE Values:
At Proofpoint, we are BRAVE in everything we do, and our values aren't just words-they shape how we work, collaborate, and grow.
We seek people who are bold enough to challenge the status quo, responsive in the face of ever-evolving threats, and accountable for delivering real impact.
We value those with a visionary mindset who anticipate what's next and push cybersecurity forward, and we celebrate exceptional execution that ensures we continue to defend data and protect people.
Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.
Find your network, your allies, and your biggest fans. We know that work is simply better when you're surrounded by people who inspire you-who share ideas, cheer you on, and genuinely want to see you succeed. That's why we offer social circles, sponsored networks, and connection points across teams and time zones-to help you find your people, build your community, and thrive together.
This isn't just a job-it's a mission to protect people and defend data in a world that never slows down. We're building the future of human-centric cybersecurity, and that future belongs to all of us. We take ownership, move fast, and hold ourselves accountable-because that's what it takes to stay ahead. And we do it together, winning as one.
Be empowered to reach your full potential through meaningful challenges and personalized support-designed around you and your goals. Whether you're growing as a leader or leveling up from great to exceptional as an individual contributor, we're here to help you get there.
Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- 1+ years of experience building/operating on the AWS platform
- 2+ years of threat detection or incident response experience
- 3+ years of experience in technical IT security or related job role
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience with programming languages such as Python, Java, C+- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
The Amazon Web Services team is looking for a passionate Security Incident Response Engineer who can lead the response to security issues across the largest cloud provider in the world. You must thrive in dynamic/ambiguous situations, and think like both an attacker and defender, while working through the entire incident response lifecycle. You'll be working in a global team environment where clear and accurate communication and collaboration on security issues is critical.
In this role you'll be conducting security monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be an expert in all of the domains mentioned above, but we do expect you to be excited to learn about them!
You'll apply your creative and critical problem solving skills to quickly design and build tooling that enables programmatic automation at a massive scale. You must have a passion for engineering solutions to complex security challenges, and recognize and fill gaps in capabilities. Above all, you should be passionate about information security, the threat landscape and security automation and tooling.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Basic Qualifications
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- 5+ years or more of demonstrated experience with a focus in areas such as systems, network, and/or application security.
- 3+ years of experience on a Security Operations team, coordinating responses to security incidents.
- Proficiency with one high-level programming or scripting language.
Preferred Qualifications
- 3+ years experience performing detection engineering in a dedicated or hybrid capacity supporting incident response and threat intel operations.
- 5+ years experience working in incident response response, security automation tooling, threat intelligence, or forensics.
- Experience with Amazon Web Services.
- Experience in Security Incident Response and proficiency in at least one of the following domains: Malware Analysis / Reverse Engineering; Digital Forensics; Security Tool Development & Automation; Programming/Scripting; Network & OS Security; Identity Management
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.