Senior Threat Detection & Incident Response (DFIR) Engineer

Poland · Remote · Full-time

<p><strong>Build the Future with AspenView Technology Partners</strong></p>
<p>At AspenView, we are passionate about transforming the way organizations approach technology. We specialize in creating high-performing, nearshore IT teams to help North American clients innovate faster and more efficiently. As we continue to grow, we're looking for exceptional people to join our team and help drive impactful change across industries.</p>
<p><strong>Why Join AspenView?</strong></p>
<p>At AspenView, we're more than a nearshore IT partner—we're a <strong>people-first, purpose-driven</strong> company that believes great culture drives great outcomes. We're passionate about connecting talent and technology to deliver measurable value for clients—and meaningful career paths for our people.</p>
<h3>Here's what you can expect:</h3>
<ul data-pattern="discCircleSquare" data-depth="1">
<li>Competitive base</li>
<li>Comprehensive benefits and wellness support</li>
<li>Flexible work model: hybrid, remote, or in-office</li>
<li>Real growth opportunities and leadership visibility</li>
<li>Inclusive, respectful culture that blends U.S. innovation with Colombian heart</li>
<li>A company that listens, invests in you, and celebrates wins together</li>
</ul>
<p>The <strong>Senior Threat Detection &amp; Incident Response (DFIR) Engineer</strong> is a high-impact technical expert responsible for identifying, investigating, and neutralizing sophisticated cyber threats. This role goes beyond standard monitoring: you will actively hunt for adversaries, develop advanced detection logic, and lead forensic investigations to understand the "how" and "why" behind an intrusion.</p>
<p>You will act as the technical authority during critical security events, ensuring that evidence is preserved, threats are contained, and lessons learned are translated into automated detection playbooks.</p>
<h3>What you will do:</h3>
<p><strong>Detection Engineering &amp; Threat Hunting</strong></p>
<ul data-pattern="discCircleSquare" data-depth="1">
<li>Lead proactive <strong>threat hunting</strong> missions across endpoints, networks, and cloud environments, using the <strong>MITRE ATT&amp;CK</strong> framework to structure hypotheses and coverage.</li>
<li>Develop and optimize <strong>SIEM content</strong> (Splunk, Sentinel, Chronicle, or QRadar) and <strong>Sigma rules</strong> to identify emerging adversary TTPs.</li>
<li>Design and implement custom detection logic to reduce false positives and improve the fidelity of security alerts.</li>
</ul>
<p><strong>Incident Response &amp; Forensics</strong></p>
<ul data-pattern="discCircleSquare" data-depth="1">
<li>Lead the <strong>Incident Response</strong> lifecycle for high-severity events, from evidence preservation and initial containment through eradication.</li>
<li>Perform <strong>digital forensics</strong> and deep-dive investigations on compromised systems to determine the root cause and scope of breaches.</li>
<li>Execute <strong>malware analysis</strong> and reverse engineering to identify capabilities, C2 infrastructure, and indicators of compromise (IoCs).</li>
</ul>
<p><strong>Threat Intelligence &amp; Automation</strong></p>
<ul data-pattern="discCircleSquare" data-depth="1">
<li>Collect, enrich, and disseminate <strong>Threat Intelligence</strong> to proactively block emerging threats.</li>
<li>Design and automate <strong>Incident Response playbooks</strong> to standardize response actions and reduce MTTR.</li>
<li>Collaborate with infrastructure and engineering teams to implement defensive hardening based on intelligence findings.</li>
</ul>
<h3>Tools &amp; Technologies:</h3>
<ul data-pattern="discCircleSquare" data-depth="1">
<li><strong>SIEM Tools:</strong> Advanced proficiency in Splunk (ES), Microsoft Sentinel, QRadar, or Google Chronicle.</li>
<li><strong>Forensics:</strong> Experience with EnCase, FTK, Volatility, or Velociraptor.</li>
<li><strong>Analysis:</strong> Tools like IDA Pro, Ghidra, Wireshark, and Burp Suite.</li>
<li><strong>Frameworks:</strong> Deep mastery of <strong>MITRE ATT&amp;CK</strong> and of <strong>Sigma and YARA</strong> rules.</li>
<li><strong>Languages:</strong> Proficiency in <strong>Python</strong> or <strong>PowerShell</strong> for forensic automation and data analysis.</li>
</ul>
<h3>What you bring:</h3>
<ul data-pattern="discCircleSquare" data-depth="1">
<li><strong>6–8+ years</strong> of experience in SOC Operations, Incident Response, or Threat Intelligence.</li>
<li><strong>Investigative Mindset:</strong> Proven ability to follow complex attack chains and reconstruct security incidents.</li>
<li><strong>Technical Depth:</strong> Hands-on experience with memory forensics, network traffic analysis, and host-based artifacts.</li>
<li><strong>Automation Drive:</strong> A passion for transforming manual investigation steps into automated detection and response flows.</li>
<li><strong>Certifications:</strong> GCIH, GCFA, GREM, or OSCP are highly valued.</li>
</ul>
<p><strong>Equal Opportunity Employer:</strong></p>
<p>AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact.</p>
<p>Originally posted on <a href="https://himalayas.app">Himalayas</a></p>
