Cybersecurity Incident Response Engineer
Posted about 3 hours ago
Job Description
Major Function
The Cybersecurity Incident Response (IR) Engineer at WWF protects the organization’s global mission by designing and operating capabilities to detect, investigate, and respond to cyber threats in WWF US and its Country Offices. The role works closely with security leadership and cross-functional teams to coordinate response efforts and strengthen security posture across WWF’s operations. The engineer leads technical investigations, containment, and remediation of incidents while developing automation, playbooks, and improved detection capabilities. Using data-driven analysis and threat intelligence, the role assesses risk and implements solutions that enhance resilience and reduce exposure. Success requires strong technical expertise, an engineering mindset, and the ability to translate complex security issues into business impact in a mission-driven environment.
Key Responsibilities
- Incident Response Execution: Leads and supports investigation, containment, and remediation of cybersecurity incidents, including ransomware, account compromise, phishing, and data leakage across enterprise environments.
- Operational Monitoring: Monitors and responds to security events across endpoints, networks, cloud services, applications, databases, and third-party environments.
- Threat Detection & Analysis: Collects, correlates, and analyzes data from multiple internal and external sources to identify anomalies, validate threats, and support threat hunting activities.
- Stakeholder Coordination: Serves as a key point of contact during incidents, collaborating with cybersecurity leadership, IR teams, and cross-functional stakeholders.
- Root Cause & Reporting: Performs root cause analysis, prioritizes findings, and documents incidents from initial detection through post-incident review and lessons learned.
- Security Engineering & Optimization: Improves detection and response capabilities through playbook development, workflow optimization, and alignment with KPIs and SLAs.
- Program Maturity & Continuous Improvement: Participates in tabletop exercises, vulnerability assessments, and post-incident reviews to identify gaps and strengthen IR capabilities.
- Cross-Functional Collaboration: Works closely with infrastructure, IT, vulnerability management, threat intelligence, and application security teams to enhance security posture.
- Forensics & Evidence Handling: Ensures proper evidence collection, preservation, and chain of custody in support of investigations.
- Communication & Documentation: Clearly communicates incident details, risks, and recommendations to technical and non-technical stakeholders.
- Continuous Learning & Awareness: Stays current on emerging threats and shares knowledge to elevate team capability and organizational readiness.
- Other duties as assigned.
Qualifications
Key Competencies
- Conflict Navigation: Communicate issues to management with a plan to address/solve them.
- Collaboration: Must be able to work well with others and have an open personality regarding work.
- Communication Skills: The ability to translate complex technical terms into everyday language that others can understand.
- Solution-Oriented: Able to identify solutions to problems both independently and with guidance from leadership.
Skills and Abilities
- Must have a Bachelor's degree in Computer Science or Information Technology
- Bilingual in English and Spanish required.
- Minimum of 8+ years of experience in Cybersecurity or a related field:
- Experience with Hunting, IoC, and Incident Response Execution: Leads and supports investigation, containment, and remediation of cybersecurity incidents, including ransomware, account compromise, phishing, and data leakage across enterprise environments.
- Advanced understanding and proficiency with Windows and macOS operating systems.
- Experience configuring, deploying and using multiple security IR solutions such as SIEM, SOAR, playbooks and Endpoint Detection and Response (EDR) tools.
- In-depth knowledge of cloud services, third-party risk management, and application security.
- Familiarity with regulatory and compliance requirements such as PCI, CCPA, GDPR.
- Threat Knowledge & TTPs: Maintains strong understanding of attacker methodologies, including escalation, lateral movement, and evolving tactics, techniques, and procedures.
- Strong verbal and written communication skills.
- Ability to work both independently and collaboratively in a team environment.
- Five or more years of experience with Security Operations Center and Incident Response preferred.
- Understanding of threats and vulnerabilities, as well as principles of incident response and root cause analysis.
- Committed to building and strengthening a culture of inclusion within and across teams.
- Identifies and aligns with WWF’s core values:
- COURAGE – We demonstrate courage through our actions, we work for change where it’s needed, and we inspire people and institutions to tackle the greatest threats to nature and the future of the planet, which is our home.
- INTEGRITY – We live the principles we call on others to meet. We act with integrity, accountability and transparency, and we rely on facts and science to guide us and to ensure that we learn and evolve.
- RESPECT – We honor the voices and knowledge of people and communities that we serve, and we work to secure their rights to a sustainable future.
- COLLABORATION – We deliver impact at the scale of the challenges we face through the power of collective action and innovation.
Additional Information
Please note: Candidates must be currently based and authorized to work in one of the following countries to be eligible for this position: Chile, Ecuador, Guatemala, Belize, Honduras, Mexico, Paraguay, Peru, Suriname, or Guyana.
Remuneration: Salary and benefits for this position will be paid in local currency.
Application instructions: Resumes and cover letters must be submitted in English to be considered for this position.
Please note: Applicants must be legally authorized to work in the job's location. Position is not eligible for employment visa sponsorship.
World Wildlife Fund (WWF) promotes equal employment opportunities for all qualified individuals regardless of age, race, color, sex, religion, national origin, disability, or any other characteristic protected under applicable law.