Incident Response Engineer

Company Description

Wix makes it possible for anyone to succeed online. Since 2006, we’ve grown to around 5,300 employees in 22 countries, launched over 40 products, and serve over 282 million users and their visitors worldwide. At Wix, we push you to innovate, evolve in non-traditional ways, and collaborate. We operate in small teams that work closely together at a high level. 

Although we’re already industry leaders in web creation and business, our work is nowhere near done. Our goal is to become the main engine of the Internet so we can create a more open web for all.

We're proud to be an equal opportunity employer. Wix was built around the idea that everyone has the right to be successful, online. This same vision defines us as an employer: creating a work environment where everyone is welcome, and anyone has the right to succeed.

Job Description

We’re looking for a hands-on incident response expert that’s passionate about investigating real threats, building scalable detections, and improving automation across modern cloud-native environments. This is a high-impact role within our security group, ideal for someone who thrives on both investigation and building long-term solutions. In your day-to-day, you’ll:

• Investigate complex security incidents in cloud (AWS/GCP), containerized (Kubernetes), and endpoint environments

• Design and maintain detection rules and anomaly-based logic to identify emerging threats in production systems

• Automate forensic evidence collection and response actions across diverse platforms and services

• Collaborate with SOC analysts, Security Architects, and Engineering teams to improve detection coverage and data visibility

• Lead incident retrospectives and document technical findings, response steps, and process improvements

• Develop and maintain investigation playbooks, chain-of-custody protocols, and sprint-based IR deliverables

• Participate in on-call rotations and contribute to incident readiness exercises and escalation protocols

Qualifications

• 4+ years of hands-on experience in incident response or security operations

• Proficiency in Python for scripting, automation, and tool development

• Strong knowledge of cloud platforms (AWS and/or GCP) and container technologies (Kubernetes)

• Experience with detection engineering, threat hunting, and automated response tooling

• Familiarity with scripting or automation tools for investigation and remediation

• Excellent written and verbal communication skills in English

• Ability to work effectively with global teams across time zones

Additional Information

We are Wix’s Security Guild. We’re a group of highly motivated Security Engineers that form part of the Wix R&D group. We allow Wix Developers and users to achieve their goals without risk, often meaning we find or create unique solutions. Our work is exceptionally challenging due to Wix’s scale, agility, and advanced technical diversity. When it comes to technology, we have the ultimate playground, and although we work together closely, there’s always space for independence, innovation, and creativity.