Security Incident Response Team (SIRT) Engineer

Security and Compliance Seattle, Washington Durham, North Carolina

Job Summary

The successful candidate for the Security Incident Response Team (SIRT) Engineer will help coordinate, report, and respond to cyber incidents impacting Avalara’s products, services, and enterprise infrastructure. You will work with world class staff and technologies to identify, monitor, and address all varieties of security events, while participating in a next-generation Security Incident Response Team.

You’ll be responsible for assessing ambiguous situations and data, apply security concepts, determine legitimacy, and lead investigations through closure. You will apply your strong enterprise IT background by analyzing data from Avalara’s ecosystem of tools, systems, and architectures to assist in incident response, threat hunting, and data analysis. You will interpret current configurations and processes and either create new or provide feedback on processes with the purpose of improving Avalara's security posture.  This role involves critical responsibilities within Incident Response procedures that must continue to be performed during crisis situations.

Job Duties

  • Respond to security incidents and escalations, coordinating a cohesive response involving multiple teams across Avalara
  • Perform sensitive security investigations in a manner consistent with industry standards with regards to computer and network forensics services
  • Perform phishing, spam, malware, layer 7, or forensic analysis as part of the incident management process
  • Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future
  • Identifying and recommending solutions that improve or expand Avalara’s incident response capabilities
  • Characterize suspicious adversarial activities and identify indicators or compromise (IOCs) from a variety of technologies, including antivirus, IDS, SIEM, WAF, etc.
  • Provide tactical security intel coordination focusing on information sharing and strategic partnerships within the organization
  • Participate in a 24x7 Security Operation Center (SOC) environment


  • 5 years of demonstrated experience in areas such as incident response, systems security, network, and/or application security
  • Strong scripting skills (E.g: Python, Perl, Bash, PowerShell, etc.)
  • Strong understanding of best practices in security engineering, including secure development, cryptography, network security, security operations, systems security, policy, and incident response
  • Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences
  • The capacity and tolerance for context switching and interruptions while remaining productive and providing effective, safe guidance
  • Knowledge of or familiarity with adversarial tactics and techniques framework
  • Knowledge of security industry standards or cybersecurity frameworks and their application to an organization
  • Ability to work with law enforcement and business partnerships internationally to investigate cybercrime and threat actors
  • Experience with researching and incorporating Cyber Threat Intelligence (CTI) findings into threat hunting or use case development process
  • Must be able to work autonomously as well as in team environments, often in stressful, high impact situations
  • Bachelor's degree in a related field
  • Preferred Qualifications
  • Technical depth in one or more specialties, including incident response, digital forensics, malware analysis, or some combination thereof
  • Experience working as part of a Computer Security Incident Response Team (CSIRT) or Product Security Incident Response Team (PSIRT)
  • Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support
  • Experience with a variety of cloud providers such as AWS
  • GCIA, GCIH, GMON, CEH, OSCP, or other related certifications

About Avalara

Avalara helps businesses of all sizes achieve compliance with transaction taxes, including sales and use, VAT, excise, communications, and other tax types. The company delivers comprehensive, automated, cloud-based solutions designed to be fast, accurate, and easy to use. The Avalara Compliance Cloud® platform helps customers manage complicated and burdensome tax compliance obligations imposed by state, local, and other taxing authorities throughout the world. Avalara offers more than 600 pre-built connectors into leading accounting, ERP, ecommerce and other business applications, making the integration of tax and compliance solutions easy for customers. Each year, the company processes billions of indirect tax transactions for customers and users, files more than a million tax returns, and manages millions of tax exemption certificates and other compliance documents. Headquartered in Seattle, Avalara has offices across the U.S. and overseas in the U.K., Belgium, Brazil, and India. More information at