Senior Security Engineer - Incident Response new

Milan - Italy # Senior Security Engineer - Incident ResponsePrima could be the place for you.Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 4 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain.To help fuel that growth, we need a Security Engineer focused on Incident Response to join our **Security** **Team**.The Engineering Department is the beating heart of Prima. You’ll be joining over 300 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.What you'll do::- Strengthen EDR/XDR and DLP configurations.- Define new automatic detections of security events in our SIEM.- Improve automatic enrichment and integration with SIEM/SOAR.- Automate security alerts triage and Incident Response playbooks.- Define runbooks to be used during Incident Response.- Lead and execute Table Top eXercises (TTX) with different actors and teams.- Lead by example during investigation and response of security alerts.- Oversee the on-call shifts.- Collaborate on all the activities of the Security Engineering team.What we're looking for::- Hands-on experience with SIEM and SOAR platforms.- Hands-on experience with Crowdstrike or similar EDR/XDR solutions.- Hands-on experience with MDM solutions.- Hands-on experience in AWS and K8s (EKS) security.- Proficiency in scripting and programming languages (e.g., Python, Rust).- Availability in on-call shifts to guarantee 24x7 security support.- Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams.- Self-motivated and proactive, with strong problem-solving skills and accountability for deliverables.- Experience working in an Agile environment.Nice-to-have:- Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar are preferred.- Hands-on experience with Google Chronicle.- Hands-on experience with Web Application Firewall configuration (e.g., Cloudflare).- Proficiency on using CI/CD systems and Infrastructure as Code (e.g., Python Pulumi).- Knowledge of Cloud Control Frameworks (e.g. CIS, CSA, NIST).- Web and mobile application security knowledge.- Experience in security research, bug bounty programs or CTFs.**Why you’ll love it here**** Work Your Way:** Enjoy full flexibility – work from home, the office or a mix of both. Plus, work from anywhere for up to 30 days a year. **Grow with us:** We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you. **Thrive and perform:** Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support.**Apply now**.At Prima, we celebrate uniqueness. If you don’t meet every requirement but are passionate about this role, we still want to hear from you. Innovation thrives on diverse perspectives.