Cybersecurity Engineer - Incident Response & Threat Detection

Posted 2026-05-06
Remote, USA Full-time Immediate Start

This a Full Remote job, the offer is available from: United States

Job Description

Fragomen, an AmLaw 100 Firm and the leading global immigration services provider, is seeking a Cyber Security Engineer with strong experience in Incident Response, digital forensics, and threat detection to join our Information Security & Cyber Security team.

Our industry-leading, immigration-specific technology and infrastructure is undergoing significant transformation, and security is critical to its success. We are seeking a professional who is passionate about protecting the organization, capable of leading response efforts during security incidents, and eager to mature enterprise-wide incident detection, investigation, and response capabilities.

You will join a team of security engineers who make security a differentiator in our technology offerings. The successful candidate will play a key role in detecting, investigating, containing, and remediating cyber incidents, while helping to strengthen Fragomen’s overall security posture.

How Will You Make a Difference at Fragomen?

    As a Security Engineer focused on Incident Response, you will:
  • Lead and support end-to-end incident response activities, including detection, analysis, containment, eradication, and recovery.
  • Monitor, investigate, and correlate security alerts using SIEM, EDR, and forensic tools.
  • Perform digital forensic investigations across endpoints, servers, cloud, and network environments.
  • Triage and escalate security events in accordance with established incident response procedures.
  • Develop, maintain, and continuously improve incident response playbooks, SOPs, and workflows.
  • Improve alert quality and response effectiveness through root cause analysis and post-incident reviews.
  • Partner with IT, Legal, Compliance, Privacy, and Risk teams during security incidents.
  • Support regulatory, legal, and client-driven incident response and reporting requirements.
  • Participate in and facilitate incident response tabletop exercises and simulations.
  • Contribute to the design and enhancement of detection, logging, and monitoring capabilities.
  • Provide technical guidance and mentorship to junior analysts and security team members.
    Required Qualifications
  • 1+ years of experience in cybersecurity, incident response, or security operations.
  • Hands-on experience responding to security incidents in enterprise environments.
  • Strong ability to analyze security events and perform technical investigations.
  • Working knowledge of:
  • TCP/IP, DNS, HTTP/S, VPNs, firewalls, and proxy technologies
  • Windows and Linux operating systems
  • Identity and access systems and authentication mechanisms
  • Experience using SIEM and security platforms such as:
  • Splunk, Microsoft Sentinel, QRadar, ArcSight, ELK, or similar
  • Ability to identify and respond to:
  • Phishing and business email compromise
  • Malware and ransomware
  • Credential compromise
  • Lateral movement and persistence mechanisms
  • Brute-force and privilege escalation attacks
  • Strong written and verbal communication skills, especially during high-pressure incidents.
  • Demonstrated ability to follow structured processes while continuously improving them.
    Preferred Qualifications
  • Experience with EDR, SOAR, and forensic tooling (e.g., CrowdStrike, Defender, Carbon Black, EnCase, Velociraptor, etc.).
  • Experience supporting investigations involving legal, compliance, or regulatory stakeholders.
  • Knowledge of MITRE ATT&CK and modern adversary tactics.
  • Experience with cloud and SaaS incident response (Azure, M365, AWS, etc.).
  • Relevant certifications, including:
  • GIAC (GCIH, GCFA, GCIA)
  • Offensive Security (OSCP, OSCE, OSEE)
  • Vendor certifications (Splunk, Sentinel, CrowdStrike, etc.)

All offers and/or employment contracts are contingent upon the successful completion of the Firm’s pre-employment screening process. This process may include verifying the candidate’s identity, confirming legal authorization to work in the offered position's location, and conducting a comprehensive background check, where permitted by local regulations.
This offer from "Fragomen" has been enriched by Jobgether.com and got a 72% flex score.

Apply Now

Similar Jobs

Recent Jobs

HIM Data Integrity Technical Specialist I
Patient Service Representative (Remote)
Join Team:Delta Airlines Flight Attendant Needed in Old Jamestown,MO
Join Team:Delta Airlines Flight Attendant Needed in North Liberty,IA
Study Operations Manager/Clinical Trial Manager...
UX Researcher & Designer
Senior DevSecOps Engineer - Platform and Tooling (Remote)
Sr. Director, Product Management - AI Products
Executive Director – Global Clinical Operations
Regional Marketing Director

You May Also Like

[Hiring] Virtual Care Customer Service Representative @Modern Animal
**Data Entry Specialist - Remote Work Opportunity at arenaflex**
**Experienced Live Chat Support Remote Customer Service Representative – Delivering Exceptional Amazon Customer Experiences**
**Experienced Customer Service Representative – Remote Work Opportunity with arenaflex**
**Remote Data Entry Specialist – Information Management & Database Administration**
**Experienced Data Entry Specialist – Detail-Oriented and Proactive Team Player Wanted at arenaflex**
Entry Level Data Entry Clerk – Remote Part-Time Position | Flexible Hours & Comprehensive Training Opportunities
**Experienced Bilingual Spanish Customer Service Representative – Remote Work Opportunity in Texas**
Experienced Remote Data Entry Clerk – Document Management & Information Processing Specialist
**Experienced Live Chat Support Representative – Work from Home Opportunity at arenaflex**
Back to Job Board