Senior Incident Response Security Engineer

Senior Security Engineer - Incident Response

Join to apply for the Senior Security Engineer - Incident Response role at Prima. Prima is a data and tech-driven motor insurance provider expanding to the UK and Spain. To fuel growth, we’re hiring a Security Engineer focused on Incident Response to join our Security Team.

The Engineering Department is the beating heart of Prima. You’ll be joining over 300 engineers across software development, infrastructure, operations and security, delivering scalable, impactful solutions that shape the future of insurance.

Excited to make an impact? Here are the details.

• Strengthen EDR / XDR and DLP configurations.
• Define new automatic detections of security events in our SIEM.
• Improve automatic enrichment and integration with SIEM / SOAR.
• Automate security alerts triage and Incident Response playbooks.
• Define runbooks to be used during Incident Response.
• Lead and execute Table Top eXercises (TTX) with different actors and teams.
• Lead by example during investigation and response of security alerts.
• Oversee the on-call shifts.
• Collaborate on all the activities of the Security Engineering team.

• Hands‑on experience with SIEM and SOAR platforms.
• Hands‑on experience with Crowdstrike or similar EDR / XDR solutions.
• Hands‑on experience with MDM solutions.
• Hands‑on experience in AWS and K8s (EKS) security.
• Proficiency in scripting and programming languages (e.g., Python, Rust).
• Availability in on‑call shifts to guarantee 24×7 security support.
• Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams.
• Self‑motivated and proactive, with strong problem‑solving skills and accountability for deliverables.
• Experience working in an Agile environment.

• Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar are preferred.
• Hands‑on experience with Google Chronicle.
• Hands‑on experience with Web Application Firewall configuration (e.g., Cloudflare).
• Proficiency on using CI / CD systems and Infrastructure as Code (e.g., Python Pulumi).
• Knowledge of Cloud Control Frameworks (e.g., CIS, CSA, NIST).
• Web and mobile application security knowledge.
• Experience in security research, bug bounty programs or CTFs.

• Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both. Plus, work from anywhere for up to 30 days a year.
• This is a full remote position and we’re considering candidates located in Italy, Spain or UK.
• Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you.
• Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support.

Think you’re a match? Apply now.

At Prima, we celebrate uniqueness. If you don’t meet every requirement but are passionate about this role, we still want to hear from you. Innovation thrives on diverse perspectives.

Prima is proud to be an equal opportunity employer. Need accommodations during the process? Email us at talent.acquisition@prima.it. Let’s build the future of insurance, together.

Seniority level : Mid‑Senior level

Job function : Information Technology

Location: Madrid, Spain (remote options available for Italy, Spain or UK)