Incident Response DevOps Engineer

at Velossent, LLC
Location Atlanta, GA
Date Posted March 13, 2021
Category Default
Job Type Contract to Hire


We’re looking for an Incident Response DevOps Engineer with 5+ years of professional development experience with any language such as Python, Shell (Bash, PowerShell, etc.), Golang, and C#, supporting web-based applications, in any of the public cloud vendor environments including AWS, Azure, Office 365, and GCP for a great remote opportunity.

As the Incident Response DevOps Engineer, you will build large-scale collection and parsing solutions to automate menial tasks increasing the efficiency and effectiveness of Incident Response technical analysis. You will be charged with developing and tailoring proprietary, commercial, and open source tools for the needs of frontline incident responders and threat hunters. This position will be a key component of the Incident Response practice working to design, build, and tailor various methods, integrate disparate software technologies and build applications for cybersecurity analysis efforts.


As the Incident Response DevOps Engineer, you will:

  • Develop tools and applications for Incident Response consulting staff to collect and analyze malicious activity in log data, network traffic, endpoint data and cloud data
  • Develop ways to integrate disparate systems and data sources into applications used to analyze and orchestrate actions via APIs across multiple systems
  • Develop tools, scripts and applications to streamline or automate common incident analysis and threat hunting tasks, including data collection, data parsing, and data analysis processes
  • Serve as the focal point for developing innovative techniques to solve a wide range of software needs for IR consulting engagements including urgent scripts needed for incident response engagements and applications used to conduct collection and analysis at scale for cybersecurity analysis efforts 
  • Architect and develop web-based applications and cross-platform command-line based tools that will run within public cloud environments and on local computer systems used for cybersecurity analysis efforts