Mid Level Incident Response Engineer Jobs
Mid level incident response engineer jobs go to professionals ready to own investigations end to end, mentor junior analysts, and drive containment decisions without waiting for direction. Roles are available across Technology & Software, Consulting & Professional Services, and Retail, with a 60% remote and hybrid share, and employers like Navan, a16z, and Abacus hiring at this level now.
MANTECH seeks a motivated, career and customer-oriented Cyber Incident Response Analyst to join our team in McLean, Virginia. Our team provides 24x7x365 cybersecurity support to one of the most coveted targets in the world.
The Cyber Incident Response Analyst will work a 4-day work week; 10 hours per shift. Staff will be assigned to either Sun-Wed or Wed-Sat. The schedule is fixed and does not rotate. We have openings on 1st, 2nd and 3rd shifts. Shift differential applies to 2nd and 3rd shifts. Candidates must be able to train on day shift for 6 months.
Responsibilities include but are not limited to:
- Incident Detection and Monitoring
- Incident Analysis and Investigation
- Incident Response and Mitigation
- Threat Intelligence and Vulnerability Management
- Reporting and Documentation
Minimum Qualifications:
- Bachelor’s degree in a technical field and 3+ years of experience in a cyber security related role or High School Diploma and 7+ years of experience in a cyber security related role
- 2+ years’ experience with incident response
- Knowledge of cybersecurity principles, incident detection, analysis, and response methodologies.
- Knowledge of operating systems, network protocols, and security technologies
- Knowledge of threat intelligence, vulnerability management, and security incident response best practices
- Ability to obtain a DoD 8570 IAT-II certification within 6 months of hire
Preferred Qualifications:
- Relevant certifications including GIAC Certified Incident Handler (GCIH), Certified Incident Response Handler (GCFA) or similar
- Experience with using SIEM systems, network security tools, and log analysis tools
- Experience with MITRE ATT&CK framework
- Experience with threat intelligence, vulnerability management, and security incident response
Clearance Requirements:
- Current/active TS/SCI w/Polygraph is required
Physical Requirements:
- The person in this position must be able to remain in a stationary position 50% of the time
Mid Level Incident Response Engineer Job Market
Who's Hiring
- Navan: 4
- a16z: 1
- Abacus: 1
- Geotab: 1
- Google: 1
Top Industries Hiring
- Technology & Software: 12
- Consulting & Professional Services: 6
- Retail: 3
- Investment & Asset Management: 2
- Fintech: 1
Mid Level Incident Response Engineer Jobs: Frequently Asked Questions
How do I get a mid level incident response engineer job?
Highlight ownership, not just participation: applications that show you led investigations, wrote post-incident reports, or improved detection rules stand out over those listing tools alone. Tailor your resume to the specific threat environment each employer faces, demonstrate comfort with a full incident lifecycle from triage to lessons learned, and be ready to discuss at least one complex incident you drove from detection through remediation.
Which companies hire mid level incident response engineers?
Companies hiring mid level incident response engineers right now include Navan, a16z, and Abacus, based on current listings on Migrate Mate as of July 2026. Hiring at this level covers large enterprises with mature security operations centers, government contractors, financial institutions, and growth-stage technology companies building out their incident response capabilities.
Are there remote mid level incident response engineer jobs?
Yes, though availability varies by employer and sensitivity of the environment. About 60% of mid level incident response engineer openings are remote or hybrid as of July 2026, with fully on-site roles more common in regulated industries like defense and finance where classified systems or compliance requirements limit remote access.
How do I move up to a mid level incident response engineer role?
The progression from entry level centers on accumulating owned outcomes, not just completed tasks. Build depth in at least one area such as malware analysis, digital forensics, or threat hunting, and take on full ownership of incidents rather than supporting a senior engineer. Document measurable impact, such as mean time to containment improvements or detection rules you authored, and seek environments where you can lead response efforts independently.
Which industries hire the most mid level incident response engineers?
Mid level incident response engineer roles concentrate in Technology & Software, Consulting & Professional Services, and Retail, based on current listings on Migrate Mate as of July 2026. These sectors drive hiring at this level because their regulatory obligations, large attack surfaces, and sensitive data make mature, experienced incident response capacity a business-critical function rather than a nice-to-have.