INCIDENT RESPONSE CONSULTANT L1

At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. We are passionate about making a positive impact in the world, and we're looking for a highly skilled and experienced talent to join our dynamic team. Armor has unique offerings to the market so customers can a) understand their risk b) leverage Armor to co-manage their risk or c) completely outsource their risk to Armor. Learn more at: WORK LOCATION & SCHEDULE: Plano, Texas: Hybrid schedule with mandatory in-office days on Tuesday, Wednesday, and Thursday. Summary Armor is seeking an Incident Response Consultant to provide security consultation and incident response services to our managed security customers. This is an in-office position based at one of our SOC locations. This position consults with customers on security events, analyzes threats using professional judgment, and provides recommendations on detection, response, and remediation strategies. Working directly with customers across diverse environments, this role delivers expert guidance through the incident response lifecycle.Essential Duties and Responsibilities(Additional duties may be assigned as required) Consult with customers on security events, providing analysis and recommendations for response actions tailored to their environment. Analyze security data across SIEM, EDR, and cloud platforms to identify threats and advise on appropriate countermeasures. Provide guidance to customers through the incident response lifecycle based on NIST 800-53 and SANS best practices. Investigate potential compromises and recommend remediation strategies appropriate to customer risk tolerance and business requirements. Advise customers on security best practices, control improvements, and risk mitigation approaches. Analyze emerging threats and vulnerabilities; provide recommendations on defensive measures. Document findings, recommendations, and consultation outcomes for customer delivery. Collaborate with senior consultants on complex engagements and escalate as appropriate. REQUIRED SKILLS Linux and Windows Server administration fundamentals. Familiarity with cloud platforms (Azure, AWS, GCP) and their security services. Working knowledge of security tools: EDR, SIEM (Sentinel, Splunk, etc.), SOAR, and threat intelligence platforms. Understanding of networking fundamentals, TCP/IP, and common attack techniques. Ability to read and modify code (Python, PowerShell, KQL) for analysis and automation. Working knowledge of git version control including branching, commits, and pull request workflows. Proficiency with AI-assisted tools (Claude Code, GitHub Copilot, or equivalent) for accelerating security analysis and task automation. Understanding of AI/LLM security risks including prompt injection, data leakage, and model limitations. Ability to critically evaluate AI-generated outputs for accuracy and security implications. Willingness to adopt agentic AI workflows and AI-augmented tooling as part of daily security operations. Analytical mindset with ability to identify indicators of compromise and correlate events across data sources. Strong communication skills with ability to convey technical concepts to diverse audiences. Customer-focused with professional consulting demeanor. EDUCATION AND/OR EXPERIENCE 1-3 years of experience in security operations, incident response, or security consulting. Prior SOC analyst or IR experience preferred. Required certifications within 12 months: Microsoft Azure Security Technologies (AZ-500), Microsoft Security Operations Analyst (SC-200), Microsoft Identity and Access Administrator (SC-300). Certifications preferred: Security+, CySA+, CEH. Associate's or Bachelor's Degree in Information Technology, Cybersecurity, or related field preferred. WHY ARMORJoin Armor if you want to be part of a company that is redefining cybersecurity. Here, you will have the opportunity to shape the future, disrupt the status quo, and be a part of a team that celebrates energy, passion, and fresh thinking. We are not looking for someone who simply fills a role - we want talent who will help us write the next chapter of our growth story. ARMOR CORE VALUES Commitment to Growth: A growth mindset that encourages continuous learning and improvement with adaptability in the face of challenges. Integrity Always: Sustain trust through transparency + honesty in all actions and interactions regardless of circumstances. Empathy In Action: Active understanding, compassion and support to the needs of others through genuine connection. Immediate Impact: Taking initiative with swift, informed actions to deliver positive outcomes. Follow-Through: Dedication to delivering finished results with attention to quality and detail to achieve the desired outcomes. BENEFITS OVERVIEW Armor Offers A Strong Total Rewards Package Designed To Support Employees' Health, Well-Being, And Financial Future. U.S. Team Members Enjoy Comprehensive Benefits Including Medical, Dental, And Vision Insurance, Life And Disability Coverage, Paid Time Off, And Professional Development Support. The Company's Retirement Plan Includes A 401(K) With Employer Matching Contributions, Helping Employees Build Long-Term Savings As Part Of Their Financial Planning. Many Roles Also Offer Tuition Reimbursement And Work-Life Balance Perks Like Flexible Schedules And Remote Work Options. WORK ENVIRONMENT The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment can be either in an office setting or remotely from anywhere. Equal opportunity employer - it is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.

Created: 2026-03-04