Incident Responder Jobs
Incident responders (IR / DFIR) contain and investigate active breaches - forensics, malware triage, and post-incident hardening. It is a high-stakes, high-signal specialization that grows straight out of SOC and detection work.
27 live Incident Responder roles across the cybersecurity employers we track - updated hourly, apply directly.
Latest Incident Responder roles
Sr Security Engineer, Incident Response
Databricks · Belgium; Finland; Remote - Denmark; Remote - France; Remote - Germany; Remote - Netherlands; Remote - Spain; Remote - Sweden; Remote - United Kingdom; Switzerland
Incident Response Senior Consultant (Remote, JPN)
CrowdStrike · 2 Locations
Incident Response Analyst - SkillBridge (Remote)
CrowdStrike · USA - Remote
Technical Escalations Engineer 2 (Service Management - Incident Response) - APJ
Datadog · Singapore, Singapore
Technical Escalations Engineer 2 (Service Management - Incident Response) - APJ
Datadog · Sydney, Australia; Tokyo, Japan
Consultant, DFIR, Reactive Services (Unit 42) – LATAM
Palo Alto Networks · Sao Paulo, Brazil
Sr. Backend Engineer, Cloud - Threat Detection / Incident Response (Hybrid, London)
CrowdStrike · United Kingdom - London
Incident Response Principal Consultant (Remote CAN)
CrowdStrike · 6 Locations
Incident Response Consultant - Weekend Shift (Remote, GBR)
CrowdStrike · United Kingdom - Remote
Sr. Staff Engineer (Product Security Incident Response)
Palo Alto Networks · Santa Clara, United States of America
Principal Software Engineer - Back End (Wildfire)
Palo Alto Networks · Office - USA - CA - Headquarters
Group Product Manager - Threat Detection and Incident Response (Cloud SIEM)
Datadog · New York, New York, USA
Threat Detection and Incident Response Intern (Summer 2026)
Cloudflare · In-Office
Senior Security Engineer, Incident Response
1Password · Remote (United States | Canada)
Senior Security Engineer, Incident Response
Databricks · Amsterdam, Netherlands; Berlin, Germany; London, United Kingdom; Remote - Denmark; Remote - France; Remote - Germany; Remote - Italy; Remote - Spain; Remote - Sweden
Explore related searches
- Browse the Detection & SOC hub for the full specialization.
- Prefer remote? See remote cybersecurity jobs.
Frequently asked questions
- What does an Incident Responder do?
- Incident responders (IR / DFIR) contain and investigate active breaches - forensics, malware triage, and post-incident hardening. It is a high-stakes, high-signal specialization that grows straight out of SOC and detection work.
- How many Incident Responder jobs are there right now?
- We are tracking 27 live Incident Responder roles across the cybersecurity employers we monitor, updated hourly. Each listing links straight to the employer's own application page.
- Are Incident Responder jobs remote?
- Some are. Many Incident Responder roles are hybrid or on-site because of tooling and data-sensitivity, but fully-remote listings appear regularly - filter the board or browse our remote cybersecurity jobs page.
- What certifications help you get an Incident Responder job?
- GCIH or CompTIA Security+ is the credential most often named in Incident Responder postings. Beyond a certificate, hands-on evidence - a home lab, CTF write-ups, or public detections - carries the most weight in screening.