Job Description
Who We Are; What We Do; Where We’re Going
Magnet Forensics is a global leader in the development of digital investigative software that acquires, analyzes, and shares evidence from computers, smartphones, tablets, and IoT-related devices. We are continually innovating so our customers can deploy advanced and effective tools to protect their companies, communities, and countries.
Serving thousands of customers globally, our solutions are playing a crucial role in modernizing digital investigations, helping investigators fight crime, protect assets, and guard national security.
With employees based around the world, Magnet Forensics has been expanding our global presence. As a part of Magnet Forensics, you can expect to make a difference in the world, no matter what role you play. You’ll be supported through learning and development, not to mention an incredible team with unbelievable talent and integrity.
If you think you would be the right person to join our team working towards this goal, we would love to hear from you!
Role Overview
This isn’t just another security operations role. As the Incident Response & Security Operations Engineer, you will play a critical role in protecting Magnet Forensics by leading security incident response efforts, strengthening operational security practices, and ensuring that detection and response functions work effectively at scale.
You will serve as the central authority during security incidents, coordinating response activities across Information Security, IT, Business Systems, and third‑party security providers. Your work will directly influence how quickly and effectively the organization identifies threats, responds to incidents, and reduces operational risk.
This role blends incident leadership, security operations judgment, and continuous improvement. You’ll be empowered to make decisions, improve processes, and ensure security operations remain resilient as the organization grows.
What You’ll Do
Incident Response Leadership
Lead security incidents from initial triage through containment, remediation, recovery, and closure
Assess alert severity, scope, and business impact to determine appropriate response actions
Coordinate response efforts across IT, Business Systems, Compliance, Legal, and other stakeholders as needed
Lead incident bridges and response coordination during active events
Ensure incidents conclude with clear outcomes, documentation, and follow‑through
Availability to respond and investigate incidents as part of the 365/24/7 SOC/NOC
Managed SOC & Security Service Oversight
Own the operational relationship with managed detection and response providers
Review and validate alert quality, relevance, and escalation decisions
Ensure third‑party security services align with Magnet’s risk tolerance and operational needs
Drive improvements in alert routing, escalation paths, response workflows, and automation
Act as the internal authority on what constitutes actionable security signal
Security Operations & Vulnerability Effectiveness
Ensure vulnerability management and detection processes reduce exposure windows and support timely remediation
Improve visibility into vulnerability trends and patching progress over time
Identify and resolve operational bottlenecks that slow remediation or response efforts
Partner with IT teams to improve workflows, ownership, and accountability
Digital Investigation & Forensic Enablement
Learn and utilize Magnet Forensics Axiom as part of incident investigation and response activities
Support investigations involving computer, mobile device, and cloud data using a unified forensic platform
Apply Axiom workflows to interrogate and analyze digital evidence during security incidents
Leverage Magnet Axiom microlearning to build practical, real‑world forensic capability
Ensure investigative findings support incident understanding, decision‑making, and documentation
Vendor & Tool Accountability
Serve as the escalation point for security tooling vendors when issues impact response timelines or risk reduction
Hold vendors accountable to operational expectations and support commitments
Evaluate tooling effectiveness from an operational and risk‑reduction perspective
Ensure security tools integrate cleanly into existing workflows
Documentation & Continuous Improvement
Produce clear incident documentation including root cause, impact, response actions, and lessons learned
Lead post‑incident reviews and ensure corrective actions are tracked and implemented
Identify recurring incident patterns and drive long‑term improvements to reduce repeat issues
Cross‑Functional Communication & Readiness
Act as the primary security point of contact during incidents for IT and Business Systems teams
Communicate clearly and calmly during high‑pressure situations
Translate technical security findings into business‑relevant risk and impact
Support readiness activities such as tabletop exercises and response testing
What We’re Looking For
Education & Experience
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent practical experience
Demonstrated experience leading or coordinating security incident response efforts
Experience working in a co‑managed SOC or managed detection and response environment
Broad security operations experience across endpoint, email, identity, vulnerability management, SaaS, and cloud environments
Core Skills
Strong judgment in assessing alert severity, business impact, and escalation needs
Ability to operate effectively with incomplete or ambiguous information
Strong written communication skills, including incident summaries and RCA documentation
Proven ability to coordinate across multiple teams during operational events
Process‑oriented mindset with a focus on continuous improvement
What We Want (Preferred)
Experience supporting or participating in digital investigations or forensic workflows
Familiarity with Magnet Forensics Axiom or similar digital forensic platforms
Experience with tools such as Microsoft Defender, Proofpoint, Tenable, Jira, and related security platforms
Experience supporting compliance or audit activities related to incident response
Participation in tabletop exercises or incident readiness programs
Experience mentoring or guiding analysts during incident response
Certifications (Preferred, Not Required)
CISSP or CISM
Microsoft Cybersecurity Architect Expert, or Azure Solutions Expert
GCIH, GCED, or GCFA
GCFA, GCFE, GNFA, or GCIA
Digital forensics or incident response certifications aligned to enterprise environments
Relevant vendor or platform‑specific certifications
Compensation & Benefits
The Compensation range is for the primary location for which the job is posted. Please note that the actual compensation may vary depending on location and job-related factors such as qualifications, experience, knowledge and skills. If you are applying for this role outside of the primary location and you are selected for an interview, the Talent Acquisition Partner can share more information with you. If the compensation structure for the role includes an incentive component (i.e. most Sales roles) the range below represents total target compensation (TTC) (base salary + variable). Ensure this is formatted as “normal”
$126,000 - $154,000 (USD) a year
Salary range (min - max)
Position Type: Current Vacancy
Magnet is proud to offer benefits such as:
- Generous time off policies
- Competitive compensation
- Volunteer opportunities
- Reward and recognition programs
- Employee committees & resource groups
- Healthcare and retirement benefits
Indicators of Success
We’re looking for someone who checks off most, but not all, of the boxes listed in “skills and experiences”. It’s more important to us to find candidates who can display indicators of success through skills they have developed and experiences they have been a part of, than to find folks who have ‘been there, done that”. We want to be part of your development journey, and we’ll learn as much from you as you learn from us.
How We Work
At Magnet Forensics, we take a hybrid-flexible approach to support your productivity and work-life balance. If you’re within a comfortable travel distance to one of our offices, you’ll occasionally join us in person. How often you’ll come in depends on your department and team needs, typically ranging from weekly to monthly. These in-person moments help us build stronger connections, spark new ideas, and celebrate our successes together. Most days, you can choose what works best for you, while staying in tune with your team’s goals.
We’re excited to welcome you to our team and look forward to achieving great things together - both in the office and wherever you work best!
The Most Important Thing
We’re looking for candidates that can provide examples of how they have demonstrated Magnet CODE in their previous experiences:
CARE – We care about each other and our mission to make a difference in the world.
OWN – We are accountable for our results – while never forgetting to act with integrity, empathy, and respect.
DEDICATE – We put our heart and soul into meeting the needs of our customers and helping them serve the people they protect.
EVOLVE – We are constantly innovating and exploring new ways to work together to make an impact with our work.
Here at Magnet Forensics, we are committed to continuous learning and are focused on building a diverse and inclusive workforce. This commitment will be reflected in our hiring processes and embedded in our values and how we treat one another. If you’re interested in this role, but do not meet all of the qualifications listed above, we encourage you to apply anyways.
Magnet Forensics is an Equal Opportunity Employer and considers applicants for employment without regard to race, colour, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, provincial, or local law. We are committed to providing an inclusive, accessible recruitment process and work environment. Accommodation is available to all applicants upon request throughout the hiring process. Please contact [email protected] should you require any accommodations.
All offers of employment at Magnet are contingent upon satisfactory completion of a background check. All background checks will be conducted in accordance with all applicable laws. Magnet will consider each position’s job duties, among other factors, in determining what constitutes satisfactory completion of the background check. Refusal to consent to a background check may be grounds for revoking an offer of employment.
US Applicants: Magnet Forensics participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.
Magnet Forensics handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here.
