Hybrid Incident Response Consultant, L1

Posted 5 hours ago

About the role

  • Incident Response Consultant at Armor, providing expert security consultation and incident response services and collaborating with customers to analyze threats and develop effective response strategies.

Responsibilities

  • Provide security consultation and incident response services to our managed security customers.
  • Consult with customers on security events, providing analysis and recommendations for response actions tailored to their environment.
  • Analyze security data across SIEM, EDR, and cloud platforms to identify threats and advise on appropriate countermeasures.
  • Provide guidance to customers through the incident response lifecycle based on NIST 800-53 and SANS best practices.
  • Investigate potential compromises and recommend remediation strategies appropriate to customer risk tolerance and business requirements.
  • Advise customers on security best practices, control improvements, and risk mitigation approaches.
  • Analyze emerging threats and vulnerabilities; provide recommendations on defensive measures.
  • Document findings, recommendations, and consultation outcomes for customer delivery.
  • Collaborate with senior consultants on complex engagements and escalate as appropriate.

Requirements

  • 1-3 years of experience in security operations, incident response, or security consulting
  • Prior SOC analyst or IR experience preferred
  • Required certifications within 12 months: Microsoft Azure Security Technologies (AZ-500), Microsoft Security Operations Analyst (SC-200), Microsoft Identity and Access Administrator (SC-300)
  • Certifications preferred: Security+, CySA+, CEH
  • Associate’s or Bachelor’s Degree in Information Technology, Cybersecurity, or related field preferred
  • Linux and Windows Server administration fundamentals
  • Familiarity with cloud platforms (Azure, AWS, GCP) and their security services
  • Working knowledge of security tools: EDR, SIEM (Sentinel, Splunk, etc.), SOAR, and threat intelligence platforms
  • Understanding of networking fundamentals, TCP/IP, and common attack techniques
  • Ability to read and modify code (Python, PowerShell, KQL) for analysis and automation
  • Working knowledge of git version control including branching, commits, and pull request workflows
  • Proficiency with AI-assisted tools (Claude Code, GitHub Copilot, or equivalent) for accelerating security analysis and task automation
  • Understanding of AI/LLM security risks including prompt injection, data leakage, and model limitations
  • Ability to critically evaluate AI-generated outputs for accuracy and security implications
  • Willingness to adopt agentic AI workflows and AI-augmented tooling as part of daily security operations
  • Analytical mindset with ability to identify indicators of compromise and correlate events across data sources
  • Strong communication skills with ability to convey technical concepts to diverse audiences
  • Customer-focused with professional consulting demeanor

Benefits

  • Comprehensive benefits including medical, dental, and vision insurance
  • Life and disability coverage
  • Paid time off
  • Professional development support
  • 401(k) with employer matching contributions
  • Tuition reimbursement
  • Flexible schedules and remote work options

Job title

Incident Response Consultant, L1

Job type

Experience level

Mid level, Senior

Salary

Not specified

Degree requirement

Associate's Degree

Location requirements
