The Incident Response Engineer manages cybersecurity incidents, conducts analysis, develops response strategies, and collaborates with stakeholders to improve security.
As a member of the ETMSA team at Crypto.com, you will be integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle – from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned – collaborating with a global team of incident responders.
You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more.
You will also leverage your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural and global environments.
Responsibilities
- Report to Director to facilitate all phases in the incident response lifecycle
- Be involved in various incident prevention projects to improve Security posture
Preparation:
- Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
- Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
- Evaluate the incident response readiness of different layers - people, process, technology
Detection & Analysis:
- Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.
- Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
- Assess the risk, impact and scope of the identified security threats
- Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs
Containment, Eradication and Recovery:
- Communicate with the stakeholders and provide guidance, recommendations to contain and eradicate the security incident
- Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
- Document and present investigative findings for high profile events and other incidents of interest.
Post incident activities:
- Provide lessons learnt meeting to the stakeholders
- Lead and keep track on the follow-up activities
- Document the incident in the case management system and provide incident reports
Always ready to jump in, in the event of security incidents.
Requirements
- At least 5 years experience in the Cyber Security industry
- Strong technical and analytical skills
- Familiar with the cyber security incident response process
- Familiarity with AI tools and their application in automating security tasks and processes.
- Hands-on experience on performing incident response activities
- Have scripting experience like Bash, PowerShell, Python, Go, etc, and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environment
- Have knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, EDR, DLP, SIEM, other log management platforms, etc.
- Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
- Be passionate on exploring new technologies and having creative initiative to boost the team capabilities
- Holders of security related certifications is a plus (e.g.Azure, AWS, CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
- Awareness of regulatory and compliance requirements like GDPR, MAS, PSD2 etc is a plus.
Preferably
- Fast learner with can do attitude and ready to get the hands dirty
- A strong team player who can collaborate with compassion
- Passionate to learn and willing to put in the extra effort
- Understand the concept of ownership and accountability coupled with sense of urgency and prioritisation
- Confidence in handling incidents and managing relevant senior and technical stakeholders
- Possess business acumen/mindset (not only technical) when making critical decisions
Top Skills
Bash
Cyber Defense
Cybersecurity
Digital Forensics
Dlp
Edr
Go
Ids/Ips
Intrusion Analysis
Log Analysis
Mitre Att&Ck Framework
Next-Generation Firewalls
Powershell
Python
SIEM
Similar Jobs
Consumer Web • Healthtech • Professional Services • Social Impact • Software
In this role, you will lead incident response protocols, automate security workflows, manage incident tracking, and collaborate with teams to mitigate security threats.
Top Skills:
AWSCeleryDatadogFastapiGitKafkaPagerdutyPostgresPython 3ReactRemixSemgrepSnowflakeSnykSqlalchemyTypescript
Software • Cryptocurrency
The Incident Response Engineer manages cybersecurity threats, collaborating on prevention, detection, response, and remediation activities while developing incident response documentation and communicating with stakeholders.
Top Skills:
Data Loss Prevention (Dlp)Endpoint Detection And Response (Edr)Go)Intrusion Detection/Prevention Systems (Ids/Ips)Next-Generation Firewalls (Ngfw)PowershellPythonScripting Languages (BashSIEM
Big Data • Fintech • Mobile • Payments • Financial Services
Lead the Incident Response function within the Security Team, managing security incidents, developing response strategies, and mentoring junior staff. Collaborate with cross-functional teams to enhance security operations across the organization.
Top Skills:
AWSCrowdstrikeEdrEksElasticExpelMdrPythonRed CanarySentinel OneSIEMSplunkTerraform
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
