Incident Responder Jobs

Incident responders (IR / DFIR) contain and investigate active breaches - forensics, malware triage, and post-incident hardening. It is a high-stakes, high-signal specialization that grows straight out of SOC and detection work.

27 live Incident Responder roles across the cybersecurity employers we track - updated hourly, apply directly.

Get weekly alerts for new Incident Responder jobs:

Latest Incident Responder roles

databricks logo

Sr Security Engineer, Incident Response

Databricks · Belgium; Finland; Remote - Denmark; Remote - France; Remote - Germany; Remote - Netherlands; Remote - Spain; Remote - Sweden; Remote - United Kingdom; Switzerland

Detection EngineeringRemote
Posted Jul 3Apply
crowdstrike logo

Incident Response Senior Consultant (Remote, JPN)

CrowdStrike · 2 Locations

Detection EngineeringRemote
Posted Jul 1Apply
crowdstrike logo

Incident Response Analyst - SkillBridge (Remote)

CrowdStrike · USA - Remote

Detection EngineeringRemote
Posted Jul 1Apply
datadog logo
Posted Jul 1Apply
Wizinc logo

Incident Responder

Wiz · Tel Aviv

Detection Engineering
Posted Jun 30Apply
Wizinc logo

Incident Responder

Wiz · London, UK

Detection Engineering
Posted Jun 30Apply
paloaltonetworks logo
Posted Jun 30Apply
crowdstrike logo
Posted Jun 29Apply
crowdstrike logo

Incident Response Principal Consultant (Remote CAN)

CrowdStrike · 6 Locations

Detection EngineeringRemote
Posted Jun 26Apply
crowdstrike logo

Incident Response Consultant - Weekend Shift (Remote, GBR)

CrowdStrike · United Kingdom - Remote

Detection EngineeringRemote
Posted Jun 25Apply
cloudflare logo

Incident Response Analyst - React

Cloudflare · In-Office

Detection Engineering
Posted Jun 24Apply
paloaltonetworks logo
Posted Jun 23Apply
paloaltonetworks logo

Principal Software Engineer - Back End (Wildfire)

Palo Alto Networks · Office - USA - CA - Headquarters

Engineering
Posted Jun 17Apply
sentinellabs logo

DFIR Engagement Manager

SentinelOne · Prague, Czech Republic

Detection Engineering
Posted May 31Apply
sentinellabs logo

DFIR Engagement Manager

SentinelOne · Czech Republic

Detection Engineering
Posted May 31Apply
gitlab logo

Manager, Security Incident Response Team (USA)

GitLab · Remote, US

Detection EngineeringRemote
Posted May 14Apply
recordedfuture logo

Incident Response Analyst

Recorded Future · London, England, UK

Detection EngineeringRemote
Posted Apr 27Apply
clickhouse logo

Incident Response Security Engineer

ClickHouse · Singapore (remote)

Detection EngineeringRemote
Posted Apr 3Apply
clickhouse logo

Incident Response Security Engineer

ClickHouse · United States (remote)

Detection EngineeringRemote
Posted Apr 3Apply
dragos logo

Associate Principal Incident Responder

Dragos · Singapore

Detection EngineeringRemote
Posted Mar 20Apply
datadog logo
Posted Feb 11Apply
1password logo

Senior Security Engineer, Incident Response

1Password · Remote (United States | Canada)

Detection EngineeringRemote
Posted Dec 23Apply
databricks logo

Senior Security Engineer, Incident Response

Databricks · Amsterdam, Netherlands; Berlin, Germany; London, United Kingdom; Remote - Denmark; Remote - France; Remote - Germany; Remote - Italy; Remote - Spain; Remote - Sweden

Detection EngineeringRemote
Posted Jul 14Apply

Explore related searches

Frequently asked questions

What does an Incident Responder do?
Incident responders (IR / DFIR) contain and investigate active breaches - forensics, malware triage, and post-incident hardening. It is a high-stakes, high-signal specialization that grows straight out of SOC and detection work.
How many Incident Responder jobs are there right now?
We are tracking 27 live Incident Responder roles across the cybersecurity employers we monitor, updated hourly. Each listing links straight to the employer's own application page.
Are Incident Responder jobs remote?
Some are. Many Incident Responder roles are hybrid or on-site because of tooling and data-sensitivity, but fully-remote listings appear regularly - filter the board or browse our remote cybersecurity jobs page.
What certifications help you get an Incident Responder job?
GCIH or CompTIA Security+ is the credential most often named in Incident Responder postings. Beyond a certificate, hands-on evidence - a home lab, CTF write-ups, or public detections - carries the most weight in screening.

Related cybersecurity searches

Stay ahead of the curve. Get new infosec jobs in your inbox: