Cybersecurity Engineer - Incident Response & Threat Detection

Job Description Fragomen, an AmLaw 100 Firm and the leading global immigration services provider, is seeking a Cyber Security Engineer with strong experience in Incident Response, digital forensics, and threat detection to join our Information Security & Cyber Security team. Our industry-leading, immigration-specific technology and infrastructure is undergoing significant transformation, and security is critical to its success. We are seeking a professional who is passionate about protecting the organization, capable of leading response efforts during security incidents, and eager to mature enterprise-wide incident detection, investigation, and response capabilities. You will join a team of security engineers who make security a differentiator in our technology offerings. The successful candidate will play a key role in detecting, investigating, containing, and remediating cyber incidents, while helping to strengthen Fragomen’s overall security posture. How Will You Make a Difference at Fragomen? As a Security Engineer focused on Incident Response, you will: Lead and support end-to-end incident response activities, including detection, analysis, containment, eradication, and recovery. Monitor, investigate, and correlate security alerts using SIEM, EDR, and forensic tools. Perform digital forensic investigations across endpoints, servers, cloud, and network environments. Triage and escalate security events in accordance with established incident response procedures. Develop, maintain, and continuously improve incident response playbooks, SOPs, and workflows. Improve alert quality and response effectiveness through root cause analysis and post-incident reviews. Partner with IT, Legal, Compliance, Privacy, and Risk teams during security incidents. Support regulatory, legal, and client-driven incident response and reporting requirements. Participate in and facilitate incident response tabletop exercises and simulations. Contribute to the design and enhancement of detection, logging, and monitoring capabilities. Provide technical guidance and mentorship to junior analysts and security team members. Required Qualifications 1 years of experience in cybersecurity, incident response, or security operations. Hands-on experience responding to security incidents in enterprise environments. Strong ability to analyze security events and perform technical investigations. Working knowledge of: TCP/IP, DNS, HTTP/S, VPNs, firewalls, and proxy technologies Windows and Linux operating systems Identity and access systems and authentication mechanisms Experience using SIEM and security platforms such as: Splunk, Microsoft Sentinel, QRadar, ArcSight, ELK, or similar Ability to identify and respond to: Phishing and business email compromise Malware and ransomware Credential compromise Lateral movement and persistence mechanisms Brute-force and privilege escalation attacks Strong written and verbal communication skills, especially during high-pressure incidents. Demonstrated ability to follow structured processes while continuously improving them. Preferred Qualifications Experience with EDR, SOAR, and forensic tooling (e.g., CrowdStrike, Defender, Carbon Black, EnCase, Velociraptor, etc.). Experience supporting investigations involving legal, compliance, or regulatory stakeholders. Knowledge of MITRE ATT&CK and modern adversary tactics. Experience with cloud and SaaS incident response (Azure, M365, AWS, etc.). Relevant certifications, including: GIAC (GCIH, GCFA, GCIA) Offensive Security (OSCP, OSCE, OSEE) Vendor certifications (Splunk, Sentinel, CrowdStrike, etc.) All offers and/or employment contracts are contingent upon the successful completion of the Firm’s pre-employment screening process. This process may include verifying the candidate’s identity, confirming legal authorization to work in the offered position’s location, and conducting a comprehensive background check, where permitted by local regulations. We use limited AI‑assisted tools for administrative screening purposes only - never for decision‑making. All hiring decisions are made by people. Applicants may have rights to information and explanations regarding the use of such tools, or request human review, as required by applicable regional laws. Fragomen is the leading global immigration law firm with more than 6,000 professionals in nearly 70 offices across the Americas, EMEA and Asia Pacific, delivering services in over 170 countries. Ranked on both the Am Law 100 and Am Law Global 100, the firm is widely recognized for its leadership in immigration law and commitment to fostering a culture where diverse attorneys thrive and all individuals have equal opportunities to succeed. Fragomen helps corporations and individuals navigate the complexities of global mobility and provides end-to-end support across the immigration lifecycle, from strategic planning and policy design to compliance, government investigations, litigation and more. The firm combines legal acumen and advanced digital capabilities to simplify global mobility and deliver smarter, faster and more adaptive solutions via a suite of technology brands—including Nomadic, its business travel platform that enables real-time compliance, WorkRight, its multi-jurisdictional employment verification software and Simple Citizen, a digital solution designed to streamline the pathway to US citizenship. With a global presence, multidisciplinary approach and investment in technology, Fragomen is uniquely positioned to address today’s immigration challenges and shape the future of workforce mobility. Fragomen is committed to promoting diversity, inclusion and equal opportunity for all employees and applicants, regardless of race, ethnicity, heritage, gender, age, religion, disability, sexual orientation, gender identity or intersex status. At Fragomen, we do meaningful and impactful work for our clients and put a focus on our Responsible Business Practices: #LifeAtFragomen: We drive innovation and change. We respect colleagues, embrace diversity, and empower others. #FragomenForward: At Fragomen, pursuing an equal, diverse, and inclusive workforce goes beyond a policy. It’s part of our DNA—and always has been. Year after year, we are recognized as leaders in diversity in our industry. Giving Back. We have a deep history of giving back to the communities where we live and work—and we continue that mission today. Serving the less fortunate by providing advice and community support where it is most needed allows us to help immigrants secure a better future for themselves and their families. Corporate Social Responsibility. We believe there is more to success in business than generating profit—we want to do well by doing good. We are committed to considering the impact that our business decisions have on our people, our planet, the communities in which we work and our clients. Sustainability. Fragomen is focused on sustainability in our business operations and practices—and we know there is much work to be done, with countless opportunities available to minimize our impact on the environment Well-being. We are committed to implementing firmwide initiatives that support the health and wellness of our people, including programs to address work-life balance and benefits that cover a wide range of well-being needs of all employees. Our #FragomenWorks program provides the ability to be successful at home or in the office, via Hybrid & Remote work arrangements. Our Feedback Works process includes three managerial check-ins per year to help you progress in your career. Unique learning programs like: Fragomen Academy, Leadership Academy, Practical Management Academy, and Regional Development Conferences.