Incident Response Engineer

Remote - Germany

Arctic Wolf

Arctic Wolf delivers dynamic 24x7 cybersecurity protection tailored to the specific needs of your organization. Ready to boost your security posture?

View company page

Ready to further your career in the fast-paced, exciting world of cyber security?

About Us The unicorn company Arctic Wolf was founded in the USA in 2012 and is a leader in security operations in an exciting and fast-growing industry - cybersecurity. Our commitment to customer and employee satisfaction, combined with a stable track record characterised by doubling our sales and employee numbers for five consecutive years, have made us an industry leader. In April 2021, we decided to expand globally with the goal of providing companies worldwide with first-class protection. Arctic Wolf is therefore a global leader in security operations, delivering the first cloud-native security operations platform to end cyber risk. Powered by threat telemetry spanning endpoint, network, and cloud sources, the Arctic Wolf® Security Operations Cloud ingests and analyses trillions of security events each week to enable critical outcomes for most security use cases. The Arctic Wolf® Platform delivers automated threat detection and response at scale and empowers organisations of any size to stand up world-class security operations with the push of a button.

Our mission is simple! End cyber risk!

Position Overview and Objective

The Incident Response Engineer role can handle incidents by themselves but may need to frequently get second opinions from more senior team members and may need assistance on larger cases. While still a client facing role, this role will less often run a case from start to completion on their own.

Primary Responsibilities and Duties

Digital Forensics

Perform digital forensic functions including but not limited to host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).

Process collected data and conduct defensible data acquisitions through in-depth analysis.

Preserve and analyse data from electronic data sources and systems including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.).

Examine firewall, web, database, and other log sources to identify evidence and artifact's of malicious and compromised activity.

Be able to determine the root cause, find persistence mechanisms, and find all actions of the threat actor in most incidents.

Participate in incident response engagements to guide clients and/or junior team members through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.

Record detailed data for each incident that can be used in threat research and marketing initiatives.


Ability to rebuild servers and workstations.

Ability to restore servers from nearly any backup system.

Assist with decryption of data when needed.

Ability to recreate hypervisor environments and manage virtual servers.

Client and Partner Management

Provide support on incident response engagements in collaboration with the Team lead and Engagement Manager leading the engagements to guide client’s containment, remediation, restoration, and forensic investigations.

Provide long term security recommendations that are well thought our and specific to the incident that the client experienced.

Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.

Be able to lead an engagement solo from start to finish when needed.

Be able to bring calm to escalated situations.


Participate in weekday escalation on call schedule.

Participate in weekend on call schedule.

Participate in holiday on call schedule.

Contribute towards R&D projects, such as, tools, techniques, threat research projects.

Contribute to marketing initiatives.

Our values: At Arctic Wolf, we cultivate a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures and ideas to make our teams even stronger as we grow globally. We were named one of the 50 most innovative companies in the world (Fast Company) - and the second most innovative security company. Other awards include Top Workplace USA, Best Places to Work - USA, Great Place to Work - Canada and of course Kununu "Top Company" in Germany. Arctic Wolf is an equal opportunity employer and we consider applicants for employment without regard to race, color, religion, gender, orientation, national origin, age, disability or genetics. Arctic Wolf is committed to creating a welcoming, accessible, respectful and inclusive environment that provides equal access and participation for people with disabilities. Therefore, we strive to make our entire employee experience as accessible as possible and, wherever possible, provide necessary accommodations to applicants and employees with disabilities and/or other specific needs. Come and join our pack during this exciting time of rapid growth, where every employee makes a difference, contributions are recognised and many exciting development opportunities arise. Have we sparked your interest? Then send us your CV and also your references.

Come join the Pack during this exciting time of rapid growth where every employee makes a difference and their contributions are recognized and rewarded.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: AWS Azure Cloud Firewalls Forensics Incident response Linux R&D Threat detection Threat Research Windows

Perks/benefits: Career development Gear Startup environment Team events

Regions: Remote/Anywhere Europe
Country: Germany
Job stats:  26  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.