Senior Security Engineer - Incident Response

Prima Group

Remote

GBP 60,000 - 80,000

Full time

27 days ago

Job summary

A leading technology firm in London is seeking a Senior Security Engineer – Incident Response to enhance security configurations and lead incident responses. This remote position offers great flexibility, competitive benefits, and a chance to grow within a supportive team. Ideal candidates will have extensive security experience, particularly with EDR/XDR solutions, and be proactive problem solvers.

Benefits

Full flexibility to work from home or office
Access to learning resources and mentorship
Private healthcare and gym discounts

Qualifications

  • Availability for on-call shifts to guarantee 24x7 security support.
  • Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar are a plus.
  • Experience in security research, bug bounty programs or CTFs.

Responsibilities

  • Strengthen EDR/XDR and DLP configurations.
  • Define new automatic detections of security events.
  • Automate security alert triage and Incident Response playbooks.
  • Lead Table Top eXercises (TTX) with different teams.
  • Collaborate on activities of the Security Engineering team.

Skills

Hands-on experience with SIEM and SOAR platforms
Hands-on experience with CrowdStrike or similar EDR/XDR solutions
Hands-on experience in AWS and K8s (EKS) security
Proficiency in scripting and programming languages (e.g., Python, Rust)
Strong English communication skills
Self-motivated and proactive
Experience working in an Agile environment

Tools

Google Chronicle

Job description

Senior Security Engineer – Incident Response

Join Prima Group to help shape the future of motor insurance. Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. We’re expanding to help millions more drivers in the UK and Spain.

What you’ll do

  • Strengthen EDR/XDR and DLP configurations.
  • Define new automatic detections of security events in our SIEM.
  • Improve automatic enrichment and integration with SIEM/SOAR.
  • Automate security alert triage and Incident Response playbooks.
  • Define runbooks to be used during Incident Response.
  • Lead and execute Table Top eXercises (TTX) with different actors and teams.
  • Lead by example during investigation and response of security alerts.
  • Oversee the on‑call shifts.
  • Collaborate on all activities of the Security Engineering team.

What we’re looking for

  • Hands‑on experience with SIEM and SOAR platforms.
  • Hands‑on experience with CrowdStrike or similar EDR/XDR solutions.
  • Hands‑on experience with MDM solutions.
  • Hands‑on experience in AWS and K8s (EKS) security.
  • Proficiency in scripting and programming languages (e.g., Python, Rust).
  • Availability for on‑call shifts to guarantee 24x7 security support.
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams.
  • Self‑motivated and proactive, with strong problem‑solving skills and accountability for deliverables.
  • Experience working in an Agile environment.

Nice to have

  • Relevant certifications such as GCIH, GCFA, GREM, GCIA, or similar.
  • Hands‑on experience with Google Chronicle.
  • Hands‑on experience with Web Application Firewall configuration (e.g., Cloudflare).
  • Proficiency in using CI/CD systems and Infrastructure as Code (e.g., Python Pulumi).
  • Knowledge of Cloud Control Frameworks (e.g., CIS, CSA, NIST).
  • Web and mobile application security knowledge.
  • Experience in security research, bug bounty programs or CTFs.

Why you’ll love it here

Enjoy full flexibility: work from home, the office or a mix of both, plus work from anywhere for up to 30 days a year. This is a fully remote position and we’re considering candidates located in Italy, Spain or the UK.

Grow with us: access to learning resources, mentorship and a growth plan tailored to you.

Thrive and perform: private healthcare, gym discounts, wellbeing programs and mental health support.

At Prima, we celebrate uniqueness. If you don’t meet every requirement but are passionate about this role, we still want to hear from you. Innovation thrives on diverse perspectives. Prima is proud to be an equal‑opportunity employer.

Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Information Technology

Industries

Computer and Network Security
