Security Incident Response Engineer (Remote, EMEA)

Job post summary
Location EMEA
Team Trust and Security

About the role


We’re looking for curious and detail-oriented Shopifolks to join the Trust team as a Security Incident Response Engineer. 

As a Security Incident Response Engineer, you’ll be leveraging your expertise in Shopify’s products, applications and infrastructure, along with your knowledge of our internal device security and identity management to investigate security alerts, build reports to assess impact, and respond to incidents that could ultimately lower the trust merchants place in Shopify.

Here’s what you can expect from the role - an opportunity to:

  • Lead the execution of the technical roadmap for Security
  • Drive development and improvements in Security Incident and Event Management, Case Management and Automation
  • Perform forensic analysis of logs and data sources to drive a complete understanding of an incident
  • Generate information using queries and other techniques to build data sets used in notifications to impacted parties in line with legal obligations
  • Construct and investigate hypotheses related to potential root causes or additional attacker behaviour
  • Configure, maintain and implement new alerts using the tooling we have in place. 
  • Collaborate with other security and engineering teams to remediate security findings.
  • Lead the response efforts to security incidents as part of an on-call schedule, collaborating with colleagues all across Shopify. 
  • Lead root cause analysis (RCA) sessions. 
  • Participate in and help define security game day initiatives.
  • Continuously refine the knowledge base through documentation and build new documents in a way that scales with the team’s growth.


It would be great if you had experience in one or more of the following (don’t stress, we are not expecting experience in all of the following):

  • Writing custom SQL queries to answer technical questions
  • Profiling behaviour using SIEM or other logging systems
  • Handling unprecedented, complex, situations with limited direction or documentation
  • Communicating clearly in high stakes situations
  • Understanding of information security fundamentals.
  • Knowledge of security issues affecting web applications and infrastructure.
  • Researching and using data analysis to identify security threats. 
  • 5+ years of experience as a security engineer, site reliability engineer, or systems engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity.
  • Enthusiasm for scalable, reproducible security management. 
  • Self-motivated and creative problem-solver able to work independently with minimal guidance.
  • Strong ability to work collaboratively across teams during high-stress situations.
  • Ability to manage multiple competing priorities and use good judgement to establish order of priorities on the fly.
  • Deep knowledge of SIEM, Case Management, and SOAR solutions.
  • Deep knowledge of threat hunting, incident response, and incident management.
  • Familiarity with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework is desirable.
  • Experience working in financial services or financial technology desired.
  • Bachelor's degree in computer science, computer engineering, cybersecurity or related field; equivalent experience also accepted.
  • Certifications such as CISSP, GCFA, GNFA, GCIA, GCIH or similar will receive favorable consideration but are not required.
  • Software development skills in languages such as Ruby, Python, Golang, or similar.
  • Proficiency in Google Suite, Slack and Apple MacOS preferred. 

How to apply

We know that applying to a new role takes a lot of work and we truly value your time. Please read the following questions and give us your take on a solution by responding in the “Notes to the Hiring Manager” section of the application. We look forward to hearing your thoughts! 

  • Can you describe an interesting recent vulnerability you know of or worked on and why is it interesting?

Our belief is that a strong commitment to diversity & inclusion enables us to truly make commerce better for everyone. We encourage applications from Indigenous peoples, racialized people, people with disabilities, people from gender and sexually diverse communities, and/or people with intersectional identities. Please take a look at our Sustainability Reports to learn more about Shopify’s commitments to our communities, and our planet.

At Shopify, we understand that experience comes in many forms. We’re dedicated to adding new perspectives to the team - so if your experience is this close to what we’re looking for, please consider applying.

How we hire

At Shopify, we put a lot of care and time into who we hire. We believe that in order to build the best products, we need to build high impact teams. Our recruitment process centres around what we call the Life Story interview, a conversational-style interview where we get to learn more about you.
Learn more about our hiring process 

Not what you’re looking for?Check out these similar roles.

Job postings for similar
Position Team Location
Security Incident Response Analyst (Remote, EMEA) Trust and Security EMEA
Manager - Security Incident Response (Remote, EMEA) Trust and Security EMEA

Let's make commerce better for everyone

Search jobs
Shopify Merchant's Pottery Shop