Senior Incident Response Security Engineer

Senior Incident Response Security Engineer

Join to apply for the Senior Incident Response Security Engineer role at Prima.

Our passion for data and technology has redefined motor insurance since 2015. We are one of the leading online motor insurance providers in Italy, serving over 4 million drivers, and expanding into the UK and Spain. To fuel this growth we need a Security Engineer focused on Incident Response to join our Security Team.

What You’ll Do

• Strengthen EDR/XDR and DLP configurations.
• Define new automatic detections of security events in our SIEM.
• Improve automatic enrichment and integration with SIEM/SOAR.
• Automate security alerts triage and Incident Response playbooks.
• Define runbooks to be used during Incident Response.
• Lead and execute Table Top eXercises (TTX) with different actors and teams.
• Lead by example during investigation and response of security alerts.
• Oversee the on-call shifts.
• Collaborate on all the activities of the Security Engineering team.

What We’re Looking For

• Hands‑on experience with SIEM and SOAR platforms.
• Hands‑on experience with Crowdstrike or similar EDR/XDR solutions.
• Hands‑on experience with MDM solutions.
• Hands‑on experience in AWS and K8s (EKS) security.
• Proficiency in scripting and programming languages (e.g., Python, Rust).
• Availability in on‑call shifts to guarantee 24×7 security support.
• Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams.
• Self‑motivated and proactive, with strong problem‑solving skills and accountability for deliverables.
• Experience working in an Agile environment.

Nice‑to‑Have

• Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar are preferred.
• Hands‑on experience with Google Chronicle.
• Hands‑on experience with Web Application Firewall configuration (e.g., Cloudflare).
• Proficiency on using CI/CD systems and Infrastructure as Code (e.g., Python Pulumi).
• Knowledge of Cloud Control Frameworks (e.g. CIS, CSA, NIST).
• Web and mobile application security knowledge.
• Experience in security research, bug bounty programs or CTFs.

Why You’ll Love It Here

🤸 Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both. Plus, work from anywhere for up to 30 days a year.

❗ This is a full remote position and we\’re considering candidates located in Italy, Spain or UK.

🏁 Grow with us: Get access to learning resources, mentorship and a growth plan tailored to you.

🌈 Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support.

Think you’re a match? Apply now.

Prima is proud to be an equal opportunity employer. Need accommodations during the process? Email us at talent.acquisition@prima.it. Let’s build the future of insurance, together.