Investigate and respond to complex Level 2 security incidents using advanced EDR and forensics tools. Collaborate with teams to contain threats and improve incident response processes.
Responsibilities
Monitor, support, and restore security services around the clock to ensure enterprise security integrity. Investigate escalated cyber incidents with a focus on breach-class response and forensic analysis. Document incident details thoroughly and produce high-quality incident reports. Collaborate with internal teams and external stakeholders for effective threat containment and mitigation. Maintain and tune security tools and applications, ensuring optimal performance. Support operational activities by developing and refining incident response processes and procedures. Assist in preparing audit documentation, reports, and updates on security incidents and activities. Participate in threat intelligence activities, contribute to incident management plans, and support forensic investigations. Develop and present technical reports and analysis to technical and non-technical audiences. Stay current with industry trends and emerging cybersecurity threats through continuous learning.
Requirements
3–4 years’ experience in Security Operations / Incident Response. 3–4 years’ experience in breach-class incident investigations. 2–3 years’ experience with digital forensics and forensic analysis. 3–4 years’ experience with incident response using EDR tools. Strong knowledge of developing and assessing operational process documentation. Experience with live host activity analysis and timeline development. 2–3 years’ experience in incident response reporting. Ability to work independently on complex technical tasks. Excellent communication, collaboration, and problem-solving skills. Knowledge of security frameworks, best practices, and industry standards. Familiarity with forensic investigation tools and techniques. Nice to Have: Certifications such as CISSP, GIAC, or SANS certifications. Experience with threat hunting and advanced threat detection techniques. Knowledge of enterprise security architectures and controls. Previous experience supporting security audits and compliance efforts. Familiarity with security orchestration and automation tools.
Incident Response Analyst responsible for triaging cybersecurity incidents and managing responses. Collaborating with security teams and providing updates for internal and external stakeholders.