# Sr. Security Engineer, Incident Response

**Company:** [Navan](https://hotfix.jobs/companies/navan)
**Location:** New York, NY, Boston, MA, Palo Alto, CA or San Francisco, CA
**Role:** Security Engineering
**Salary:** $113k – $252k/yr
**Experience:** 5+ years
**Skills:** Crowdstrike Falcon, Crowdstrike Edr, SIEM, Soar, Tines, Cyberhaven Dlp, Mitre Att&Ck, IAM, Vulnerability Management, Incident Response
**Posted:** 2026-06-18

> Technical lead for incident response across multi-cloud environments. Owns triage, containment, automation, and detection tuning using CrowdStrike, Tines, and Cyberhaven DLP. Requires 5+ years in IR/SOC roles.

## Job Description

## What You’ll Do

**Incident Response Leadership:** Act as the primary Incident Lead during high-severity events. Own the end-to-end response lifecycle: driving triage, containment, evidence capture, and post-incident root-cause analysis.

**Automation & SOAR Engineering:** Use Tines to build and design workflows that automate triage, enrichment, and containment actions, significantly reducing operational toil and improving time-to-contain.

**Detection & Endpoint Monitoring:** Manage and fine-tune detection rule lifecycles utilizing CrowdStrike EDR and SIEM/SOAR capabilities to maintain high-precision, low-latency coverage against modern adversary tradecraft.

**Data Protection & Visibility:** Monitor and respond to data risks across endpoints, identity, and SaaS applications using Cyberhaven DLP. Identify gaps in IAM and vulnerability management and advocate for direct fixes.

**Architecture Partnership:** Partner with infrastructure owners to ensure new systems ship across all cloud environments with the right telemetry, encryption, authentication, and response playbooks from day one.

**Emergent Threats:** Evaluate and design response strategies for frontier security concerns, such as automated agents or bots operating across infrastructure at scale.

**On-Call Rotation:** Actively participate in the scheduled Incident Response on-call rotation, ensuring reliable coverage and operational readiness for emergent threats.

## What We’re Looking For

- 5+ years of experience in a dedicated Incident Response, SOC, or Security Engineering role, with a proven track record of leading high-severity incident containment in fast-paced environments
- Strong familiarity with the MITRE ATT&CK framework, modern adversary tactics, techniques, and procedures (TTPs), and common attack vectors targeting SaaS platforms
- Proven experience managing and tuning detection logic within CrowdStrike Falcon (or equivalent enterprise EDR/XDR) and enterprise SIEM platforms
- Excellent leadership skills with the ability to remain calm under pressure, coordinate cross-functional teams (Engineering, Legal, PR), and clearly communicate complex technical risks to stakeholders

## Similar roles

- [Senior Security Operations Center (SOC) Analyst, Hawaii](https://hotfix.jobs/jobs/bd9bd547-4717-4953-bdaa-164b31d3342d) - RapDev - Remote - $110k – $150k/yr
- [Sr. Security Software Engineer, Corporate Security](https://hotfix.jobs/jobs/70d73ad2-d2ed-4b0c-b7bd-11ae186e7186) - Pinterest - Remote - $124k – $255k/yr
- [Corporate Security Lead](https://hotfix.jobs/jobs/2a1defd4-9d21-4eb0-906b-0feb7fd4acc1) - Northwood Space - Los Angeles, CA - $125k – $206k/yr
- [Senior Security Automation Engineer](https://hotfix.jobs/jobs/2e4e1230-924e-4c2c-8df4-cdee5ef22cdb) - Clickhouse - Remote - $125k – $205k/yr
- [Senior vCISO / GRC Consulting Manager](https://hotfix.jobs/jobs/1eb33f19-585a-4597-9abd-d0a9ddce8874) - Agency - Richmond, VA - $125k – $125k/yr

**Apply:** https://hotfix.jobs/jobs/54c33dfc-1c96-47fb-896d-8a83b303c45e
**Canonical:** https://hotfix.jobs/jobs/54c33dfc-1c96-47fb-896d-8a83b303c45e