Senior Security Engineer- Incident Response presso Sigma Computing

About the Role

Sigma is seeking a Senior Security Engineer  to join our growing Cyber Security team. As a Senior Security Engineer, you will advance Sigma’s Security strategy by shaping and evolving security architecture in alignment with business objectives. As a Senior Engineer, you will be focused on our Cloud/SaaS Security, designing, building, and maturing Sigma incident detection and response program. You will be responsible for creating and implementing strategies to identify, analyze, contain, eradicate, and recover from security incidents effectively. This role requires a blend of hands-on technical expertise, strategic program development, and strong cross-functional collaboration. 

We are looking for a builder and defender—someone who thrives in complex cloud-native environments, embraces automation (“let the robots do the work”), and has the strong vision to scale cloud security and incident response for a fast-moving SaaS company. If you are passionate about staying ahead of attackers, crafting innovative detections, and building resilient cloud defenses, we want to hear from you.

What You’ll Do

• Build, mature, and operate a robust incident detection and response program, encompassing people, processes, and technology.
• Provide expertise and guidance during critical security events, acting as a technical SME and primary point of contact to senior management.
• Develop and implement advanced detection methodologies, rules, and alerts to identify sophisticated threats rapidly.
• Manage the full lifecycle of security incidents, from initial detection and triage to containment, eradication, recovery, and thorough post-incident review.
• Architect and implement security automation solutions to streamline incident response workflows, enrich alerts, and facilitate faster remediation.
• Work with cross functional teams internal stakeholders like Legal, VP Security, Executive teams and External  IR retainer in case of high severity Incidents impacting customers.
• Collaborate closely with engineering, operations, and product teams to integrate security best practices, enhance logging, and ensure swift remediation of vulnerabilities identified during incidents.
• Document incident findings, lessons learned, and contribute to the development of actionable intelligence to prevent future occurrences.
• Drive advance threat hunting and forensics uncover malicious activity through proactive hunts, network forensics, and cloud/host-based investigations.
• Design, implement, and continuously improve Sigma Cloud Security in all  environments - AWS, GCP, Azure.
• Enhance Vulnerability management – identify, prioritize, and guide remediation of risks across cloud infrastructure and applications.
• Advance Cloud and network security – build standards and protections to defend workloads, identities, Sigma services and data.
• Develop and mature IR runbooks, playbooks, and automations to scale security response across environments.
• Use AI securely and effectively to make the team efficient and scale Security Practices.
• Stay ahead of evolving threats – leverage intelligence, attack simulation, and red/blue team learnings to refine defenses.
  
  

What We’re Looking For

• Bachelor’s or Master Degree in Computer Science, Cyber Security or related fields.
• Relevant certifications such as GCIH, GCFA, GNFA, CISSP, CCSP, or AWS Security Specialty.
• Proven ability to produce high-quality results in a fast-paced SaaS environment or similar large scale environment.
• 6+ years of hands-on experience in Security Engineering, Cloud Security, Incident Response with a strong focus on Cloud Security & Incident Response – including host/cloud forensics, threat hunting, detection engineering in SaaS or Cloud first Organizations.
• Strong proficiency in scripting languages (e.g., Python, Go, PowerShell) for automation, data analysis, and security tooling development.
• Demonstrated experience building, maturing, and scaling incident response programs, including detection engineering, playbook development, and conducting incident post-mortems in large scale environments.
• Strong experience working as Incident Responder and Manager to address critical business and customer security Incidents. 
• Good understanding and proven knowledge of AWS, GCP, or Azure environments; Kubernetes, Terraform, or other IaC.
• Deep Hands-on knowledge on security tooling across SIEM, EDR, CNAAP, WAF, CASB,DSPM, CSPM.
• Solid understanding of threat intelligence frameworks, attacker techniques (MITRE ATT&CK), and detection use cases.
  
  

Why Sigma?

At Sigma, security is at the core of our mission. We power insights and innovation for our customers, and protecting their data is our highest priority. As a Senior Security Engineer, you will have the autonomy to shape our Cyber Security strategy, access to cutting-edge technologies, and the opportunity to solve real problems at scale.

Join us and be part of a security team that values collaboration, innovation, and resilience—while giving you the room to grow, lead, and leave your mark on Sigma’s security journey.