Motion Recruitment · 1 day ago
Cyber security Engineer - Threat and Incident response
Arlington, TX
Full-time
Onsite
Senior Level, Lead/Staff
$180K/yr - $200K/yr
12+ years expMotion Recruitment is seeking a Senior Principal Cybersecurity Engineer to join the Incident Response team. This role involves leading incident investigations and improving response tools while acting as a key influencer in business strategy alignment.
Information TechnologyRecruitingStaffing Agency
No H1B
Hiring Manager
Savitha Chethan
Responsibilities
Develop and enhance incident response tools, scripts, and frameworks to improve efficiency, accuracy, and scalability of detection, response and investigations
Conduct and enhance memory/network/host/cloud forensics, malware reverse-engineering, and automated triage
Create customized tactical and strategic remediation plans related to alerts and incidents identified inside the internal landscape as well as identified in the wild
Convey analytical findings through finished technical reports post incident
Identify and codify attacker TTPs and IOCs, feeding them into detection pipelines and IR playbooks
Gather and analyze cybersecurity data, technology tools and risk systems to identify security exposures
Lead or participate in tabletop exercises, Purple Team sessions, and threat fencing simulation
Perform analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or anomalous activity
Stay proactively ahead of the threat landscape—monitor zero-days, vulnerabilities, and advanced persistent threats
Qualification
Required
Experience with leading cross-functional and/or global initiatives from start to finish
Advanced knowledge of business acumen and a deep understanding of business implications of decisions
In-depth understanding of company values, mission, vision and strategic direction
Comprehensive knowledge of business operations
Recognized as an expert across the business unit
Experience building detection rules and associated
Experience with threat intelligence techniques and detection rules, and a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
Strong experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
Strong ability to independently develop and implement risk hunting methodologies
Skilled in network, endpoint, memory, disk, and cloud forensics—with documented lead roles in complex investigations
Working knowledge of global cyber threats, threat actors, adversary tactics, techniques and procedures
Experience with TTPs, IOCs, and the MITRE ATT&CK and RE&ACT framework
Strong understanding of cloud incident response on platforms like Azure or AWS including working knowledge of how to implement logging and monitoring within them
Consistent experience on case management, following workflows, communicating incidents, and retrieving necessary data
Verifiably skilled in scripting to build or improve incident response
Demonstrated experience constructing and testing APIs
Experienced in NIST incident response roles and capabilities
Advanced knowledge of TCP/IP networking, OSI model and IP subnetting
Advanced knowledge of CI/CD and Detection as Code
Knowledge of analysis tools like Bro/Zeek or Suricata, Splunk SPL and ability to perform analysis of associated network logs
Strong understanding of secure network architecture and strong background in performing network operations
Strong technical understanding of application layer protocols including HTTP, SSH, SSL, and DNS and how they relate to cybersecurity
Technical knowledge of common network protocols and design patterns including TCP/IP/ HTTPS/ FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Advanced experience within Python, PowerShell, Bash, Jupyter and Anaconda, capable of writing modular code that can be installed on a remote system
Demonstrated capabilities in core data science principles
In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs
Proficient with Yara and writing rules to detect similar malware samples
Knowledgeable of current malware techniques to evade detection and obstruct analysis
Understanding of the capabilities of static and dynamic malware analysis, and practical experience with static, dynamic, and automated malware analysis techniques
Experience writing malware reports
Experience with reverse engineering various file formats and analysis of complex malware samples
Bachelor's degree or associate Degree plus 2 years of relevant experience required
12 years minimum experience in related functions
5-7 years' experience leading through mentorship in a related field
5-7 years' experience driving thought leadership and innovation across products
Preferred
Relevant certifications or licenses preferred
Company
Motion Recruitment
Motion Recruitment, a Kelly® Company, delivers IT Talent Solutions for Contract, Direct Hire, Managed Solutions and Statement of Work to all of North America from our 21 delivery centers.
501-1000 employees
Funding
Current Stage
Late StageTotal Funding
unknownKey Investors
Littlejohn & Co
2024-05-03Acquired
2018-04-30Private Equity
1998-06-04Private Equity
Leadership Team
Beth Gilfeather
CEO
Brad Page, MBA
Chief Financial Officer
Recent News
Kelly Services, Inc.
2025-10-28
TradingView
2025-02-14
Business Journals
2024-05-05
Company data provided by crunchbase