19 Security Operations jobs in Ireland

Description
Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key job responsibilities
- Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
- Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
- Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
- Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
- Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
- Keeping your knowledge and skills current with the rapidly changing threat landscape.
- Participating in a follow-the-sun on-call rotation.
About the team
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- BS in Computer Science, Information Security, or equivalent professional experience
- 1-3 years of demonstrated experience in areas such as incident response, systems security, network security, and/or application security
- Proficiency in at least one programming language (e.g., Python, Go, PowerShell, Shell scripting, Perl, Ruby, Java, C++, C)
- Technical depth in two or more specialties including: digital forensics, malware analysis, network security, application security, security intelligence, and security operations
- Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies.
Preferred Qualifications
- Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support.
- 3+ years of information security experience.
- Relevant industry certifications from SANS, ISC2, etc.
- Strong demonstrated knowledge of Unix tools and architecture.
- Experience working as part of a Computer Security Incident Response Team (CSIRT)
- Familiarity/experience with AWS services and security concepts.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
+ This is a hybrid role, requiring the successful candidate to attend our Tralee office.
**Role Description**
As a Cyber Incident Response Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of like-minded professionals and leverage this passion to ensure our monitoring and response capabilities are effective and efficient and that we keep pace with a rapidly changing threat landscape.
You will relish your core role in supporting the monitoring and response of cyber security alerts and incidents by digging into and investigating them to find the root cause and identifying the gap in controls that allowed a threat to reach that point in the kill chain. If you identify an incident, you will lead that technical analysis, tracking down the actions of that threat actor as part of the incident response, while supported by the wider Incident response process and members of the SOC and CSIRT teams. If you identify a false positive, you will drive the effort to tune or refine our detections, or to drive improvements to our preventative controls to prevent a recurrence, freeing more time for the SOC to focus on improving our skills and capabilities. With your knowledge and expertise, you will develop and hone the SOC through work-product review, mentoring, and ownership of projects to develop the technical capabilities of the SOC.
As part of a wider team of SOC analysts, you are able to focus on an area you are passionate about, or if sufficiently experienced, take the lead. You will develop deep expertise and expand our capabilities in domains ranging from across Purple Teaming, Threat hunting, Digital Forensics and Incident Response (DFIR), Security Automation, Detection Engineering and Threat Intelligence and share this knowledge to develop the depth of knowledge of the SOC. As part of a Financial Group with offices and data centers across the Globe, you will have access and exposure to leading technologies and tools. If there is a gap in our toolset, you can help us identify and bridge that gap by acting as Subject Matter Expert to do so. You will bring fresh ideas, challenge the status quo, and seek always to answer - how can we improve?
This role is best suited for candidates who enjoy and have experience within SOC or CSIRT teams and enjoy investigating and finding the root of an issue or incident and working on getting the most from leading edge security toolsets and platforms and processes. Candidates who excel will think critically to find ways to resolve security challenges. This role would suit an experienced and self-motivated cyber security professional with strong technical skills and knowledge combined with a passion for cyber security.
Note: Expectation is to be onsite once a month for this role.
**Role Objectives**
-Act as technical lead in the development and enhancement of capabilities such as Cyber Monitoring & Response/Purple Teaming/Threat Hunting/Digital Forensics/Incident Response
-Act as an escalation point for the analysis of security alerts or technical response to security events and incidents
-Review and guide the SOC personnel for well-written, complete, and thorough analysis
-Mentor and guide more junior SOC personnel sharing your knowledge and expertise.
-Develop and improve monitoring & response playbooks.
-Conduct proactive threat hunting and DFIR activities.
-Develop deep expertise in our monitoring systems and technology to act as an SME in working with our detection engineering and automation teams to enhance our abilities to prevent, detect & respond.
-Identify and test new adversary TTPs and our ability to detect and respond to them.
-Identify opportunities for efficiency, work hand in hand with Security Automation team to automate and improve our response processes.
-Assist in the implementation and ongoing support of security systems, acting as an SME for SOC related projects.
-Execute tasks or support projects to enhance team's capabilities.
-Assist in defining SOC requirements for information technology projects.
-Act as a role model and set the standard for technical analysis within the SOC.
-Providing strong mentorship and guidance to more junior SOC team members by acting and leading by example. Bring a positive outlook and seek to motivate and inspire your fellow team members.
-Demonstrate comprehensive understanding of cyber security best practices, risk vectors, mitigation techniques and protection software. Display knowledge of network security concepts and tools such as firewalls, proxy servers, email security and suspicious traffic flows. Exhibit analytical ability to lead incident response and mitigation efforts as well as identify key areas for improvement from post-incident analysis. Show ability to convey cyber security polices and concepts to employees and lead training efforts to ensure all employees follow recommended best practices relating to cyber security.
-Strong understanding of MITRE ATT&CK Cyber Kill Chain and similar frameworks.
-Strong knowledge of security controls related to the detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA).
-Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
**Qualifications and Skills**
-5+ years of experience in cyber security experience required, ideally in a SOC, DFIR, or CSIRT role.
-Strong verbal and written communication skills with experience in documenting their work to a high level.
-Professional Certifications an advantage but not essential if have requisite role knowledge, GCIH, GNFA, GFCA, Certified Ethical Hacker (CEH), OSCP, CISSP or similar certifications a plus.
-Must be self-directed with the ability to work independently.
-Ability to multi-task and remain productive in a service-driven and results oriented environment.
-Demonstrated strong organizational, analytical, and problem-solving skills.
**Additional Requirements**
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Description
Amazon is seeking for a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key job responsibilities
- Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
- Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
- Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
- Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
- Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
- Keeping your knowledge and skills current with the rapidly changing threat landscape.
- Participating in a follow-the-sun on-call rotation.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- BS in Computer Science, Information Security, and 5+ years of experience with incident response.
- Experience with common security monitoring, log analysis and forensic tools.
- Proficient in one or more scripting languages (E.g: Python, Perl, Bash, PowerShell, etc.)
- Able to perform DFIR and provide incident command at all stages (identification, containment, eradication, recovery, etc) while coordinating with various teams and providing reporting to leadership.
Preferred Qualifications
- Technical depth in one or more specialties including: application security, infrastructure security, digital forensics, malware analysis, threat hunting or some combination thereof.
- Relevant industry certifications from SANS, ISC2, etc.
- Experience working as part of a Computer Security Incident Response Team (CSIRT)
- Familiarity/experience with AWS services and security concepts.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Cyber Incident Response & Engineering Lead - Dublin (Hybrid) We're hiring a Cyber Security Incident Response & Engineering Lead to help guide our enterprise-level Security Operations Centre. You'll lead both incident response and detection engineering efforts, mentoring a team and owning tooling across SIEM, SOAR, and EDR platforms. What you'll do: Lead response to major security incidents across multiple clients Own SIEM/SOAR/EDR architecture and tuning Run tabletop exercises and post-incident reviews Mentor and support SOC analysts and engineers Drive continuous improvement across tooling and workflows What you'll bring: 5+ years in cyber security, with incident response leadership Strong hands-on experience with SIEM, SOAR, EDR platforms Ability to guide and mentor a team Knowledge of MITRE ATT&CK, kill chains, forensic investigation Clear communicator under pressure Apply today or email #therealrecruiter #IncidentResponse #SIEM #SOAR #SOCLeadership #CyberJobs

About Us:
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
How We Work:
At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.
**About Proofpoint**
At Proofpoint, we are committed to protecting organizations and individuals from cyber threats through innovative security solutions. Our mission is to safeguard our customers from advanced threats, phishing attacks, and data breaches with cutting-edge technology and a global team of security experts.
**Role Overview**
We are seeking an experienced **Information Security Engineer** to join our global security team in Cork, Ireland. This is a critical role within our **Cyber Incident Response Team (CIRT)** , responsible for managing and responding to security incidents across our global operations. You will serve as an **escalation point for our 24/7 Security Operations Center (SOC)** and play a key role in the automation, orchestration, and enhancement of our security incident response capabilities.
This position requires deep expertise in cybersecurity, strong analytical skills, and the ability to work collaboratively in a fast-paced environment. If you thrive in a role where you can actively **defend against cyber threats, conduct threat hunting, and drive security automation** , this opportunity is for you.
**Key Responsibilities**
+ **Incident Response & Escalation:**
+ Act as the **L3 escalation point** for high-severity security incidents within the **global 24/7 SOC** .
+ Lead **complex investigations** into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats.
+ Provide **expert-level guidance** on containment, mitigation, and remediation strategies.
+ **Threat Hunting & Threat Assessment:**
+ Proactively hunt for **hidden threats** within enterprise networks using threat intelligence and behavioral analytics.
+ Develop and refine **threat detection rules** to improve SOC visibility.
+ Assess emerging threats and provide actionable recommendations to enhance security posture.
+ **Security Automation & Orchestration:**
+ Design and implement **automated workflows** to enhance security event triage and response.
+ Leverage **SOAR (Security Orchestration, Automation, and Response) platforms** to streamline incident response.
+ Work with **SIEM (Security Information and Event Management)** tools to optimize log ingestion and alerting mechanisms.
+ **Security Tooling & Continuous Improvement:**
+ Collaborate with security architects and engineers to **enhance detection and response capabilities** .
+ Perform **root cause analysis** on security incidents and recommend improvements to security controls.
+ Stay updated on **industry best practices** and evolving attack techniques to ensure effective defenses.
**Required Qualifications & Experience**
+ **Extensive hands-on experience** in **Cybersecurity Incident Response** or Security Operations.
+ Strong background in **SOC operations, SIEM, threat intelligence, and digital forensics** .
+ Expertise in investigating **malware, phishing, web attacks, insider threats, and advanced persistent threats (APTs)** .
+ Experience working with **security automation and orchestration tools (SOAR)** .
+ Familiarity with scripting languages such as **Python, PowerShell, or Bash** for security automation.
+ Strong understanding of **MITRE ATT&CK framework** , TTPs (Tactics, Techniques, and Procedures), and cyber kill chain.
+ Hands-on experience with **cloud security (AWS, Azure, GCP)** is a plus.
+ Certifications such as **GCIH, GCFA, CISSP, CISM, or OSCP** are highly desirable.
+ Ability to work in a fast-paced, global environment and **collaborate with cross-functional teams** .
**Why Proofpoint**
Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly 'culture-add', and we strongly encourage people from all walks of life to apply.
We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. If you're an experienced governance and compliance leader with a passion for building teams and driving security excellence, we'd love to hear from you!
Apply today and explore your future at Proofpoint! #LifeAtProofpoint
#LI-CB1
Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us:
- Competitive compensation
- Comprehensive benefits
- Learning & Development: We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
- Flexible work environment: (Remote options, hybrid schedules, flexible hours, etc.).
- Annual wellness and community outreach days
- Always on recognition for your contributions
- Global collaboration and networking opportunities
Our Culture:
Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to . How to Apply Interested? Submit your application here . We can't wait to hear from you!
Proofpoint has been honored with six Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Career Growth, Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams.
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
Our BRAVE Values:
At Proofpoint, we are BRAVE in everything we do, and our values aren't just words-they shape how we work, collaborate, and grow.
We seek people who are bold enough to challenge the status quo, responsive in the face of ever-evolving threats, and accountable for delivering real impact.
We value those with a visionary mindset who anticipate what's next and push cybersecurity forward, and we celebrate exceptional execution that ensures we continue to defend data and protect people.
Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.
Find your network, your allies, and your biggest fans. We know that work is simply better when you're surrounded by people who inspire you-who share ideas, cheer you on, and genuinely want to see you succeed. That's why we offer social circles, sponsored networks, and connection points across teams and time zones-to help you find your people, build your community, and thrive together.
This isn't just a job-it's a mission to protect people and defend data in a world that never slows down. We're building the future of human-centric cybersecurity, and that future belongs to all of us. We take ownership, move fast, and hold ourselves accountable-because that's what it takes to stay ahead. And we do it together, winning as one.
Be empowered to reach your full potential through meaningful challenges and personalized support-designed around you and your goals. Whether you're growing as a leader or leveling up from great to exceptional as an individual contributor, we're here to help you get there.
Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- 1+ years of experience building/operating on the AWS platform
- 2+ years of threat detection or incident response experience
- 3+ years of experience in technical IT security or related job role
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience with programming languages such as Python, Java, C+- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Experience performing incident response activities
- 1+ years of experience building/operating on the AWS platform
- 3+ years of experience in technical IT security or related job role
- 2+ years of threat detection or incident response experience
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Experience managing customers during a security event, including managing customer expectations and delivering results.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Do you want to work on planetary scale incident response solutions in the cloud? Are you skilled at performing Incident Response activities and helping customers build threat detection and incident response capabilities using highly scalable computing architectures? Are you excited to help customers respond to security incidents and automate security operations giving them unprecedented capability and agility? Do you enjoy working on fast-paced complex projects focused on game changing business outcomes for customers globally? As a member of the Threat Detection and Incident Response Practice in the AWS Global Service Security you will have the opportunity to help customers respond to security incidents and pioneer technically superb security solutions to help customer operate securely in the cloud. Building on those experiences you'll collaborate with AWS service teams on new features, innovate with new technologies, and explore new challenges
Sales, Marketing and Global Services (SMGS)
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
Key job responsibilities
- Perform and oversee security incident response operations
- Become a deep technical resource that earns the trust of customer stakeholders before, during, and after a security event.
- Independently contribute to teams that include Amazonians, partners, and customers to build and deploy threat detection and incident response capabilities.
- Design, build, and deploy solutions to automate security operations and incident response on AWS.
- Independently contribute to internal builder projects to develop new consulting engagement models and capabilities for customers.
- Develop high-quality content, such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work that we deliver.
- Innovate on behalf of customers by translating your thoughts into actionable results.
- Mentor and invest in our consultants, partners, and customers to raise the bar for our customers.
- Periodic on-call required.
Basic Qualifications
- Experience performing incident response activities.
- 1+years of experience building/operating on the AWS platform
- 3+years of experience in technical IT security or related job role
- 2+ years of threat detection or incident response experience
- Hands-on technical experience in incident response technology, security, automation, implementation, integration, and/or deployment.
Preferred Qualifications
- Hands-on technical experience in building scripts, tools, or methodologies that enhance customers' threat detection and incident response capabilities.
- Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.
- Experience communicating complex technical matters clearly and concisely orally and in writing.
- Experience managing customers during a security event, including managing customer expectations and delivering results.
- Knowledge of incident response workflows and processes
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

**Our Story**
Unum Technology Centre in Carlow serves as a strategic software development and IT services centre supporting Unum, a leading provider of income protection in the US. Our team of IT professionals build solutions and critical business applications to digitally transform the way we do business.
Unum is seeking a passionate and driven Security Analyst I to join our dynamic Security Operations Team. This is an exciting opportunity for someone with a strong foundation in networking and endpoint security who is eager to grow, contribute, and make a real impact in protecting our organization.
**The Role**
As a Security Analyst I, you'll play a key role in our frontline defense, helping to monitor, investigate, and respond to security threats. Your responsibilities will include:
+ **Security Monitoring & Response:** Triage, investigate, and respond to alerts from tools like our SIEM platform.
+ **Threat Analysis:** Examine phishing attempts and other suspicious activities.
+ **Ticket Management:** Handle incoming security-related tickets and ensure timely resolution.
+ **Continuous Improvement:** Contribute to rule creation, tool enhancements, and automation initiatives.
+ **Collaboration:** Work closely with team members and other departments to strengthen our security posture.
**What You offer**
**Soft Skills**
+ A collaborative team player who shares ideas and supports others.
+ Curious and enthusiastic about cybersecurity and continuous learning.
+ Strong communication skills, including the ability to present to senior stakeholders.
+ Critical thinker and creative problem solver.
+ Self-starter with basic project management capabilities.
**Technical Skills**
+ Solid understanding of networking and OS fundamentals, including ports, protocols, and their potential misuse.
+ Experience using SIEM platforms for search, aggregation, and visualization.
+ Logical and methodical approach to security analysis.
+ Awareness of modern threats, malware families, and threat actor tactics.
+ Ability to interpret dynamic sandbox reports and assess risk.
+ Basic scripting skills and familiarity with regular expressions (regex).
+ Experience with version control tools like Git.
+ Understanding of endpoint artifacts (e.g., Event IDs, registry keys) and their implications.
+ Knowledge of compliance frameworks and associated obligations.
#LI-SF1
**#LI-Hybrid**
#Hybrid
**What We Offer**
Our size and successful history in Carlow means we can offer you exceptional development and progression, supported by continual learning programs, IT Certifications & third level tuition reimbursement. We offer work-life-balance with flexible working arrangements (including hybrid) and initiatives in support of your well-being. Our attractive range of benefits and reward initiatives includes competitive compensation, 25 days annual leave, paid health insurance, pension scheme, annual performance-based bonus, paid maternity/paternity/adoptive leave, reward programs, and an opportunity to engage with charity and community activities.
Company:
Unum