Cyber Defense Response Analyst II

About The Position

Requirements

• Innate Curiosity: An exceptional level of curiosity and a track record of self-teaching advanced technical concepts.
• Highly Innovative: You have a strong record of creative problem solving and taking unorthodox approaches to challenges
• A "Researcher" Mindset: A passion for collecting facts, debating details, and diving into "rabbit holes" to solve complex problems.
• Adept at High-Pressure Communication: Ability to deal effectively at all levels of the organization and translate technical research into clear, actionable intelligence for leadership.
• Record of Academic Excellence: A strong academic record with a demonstrated ability to innovate within information security.
• Highly Detail Oriented: Very strong attention to detail; you are the person who notices the one log entry that doesn't belong.

Nice To Haves

• DFIR Background: 2-4 years of practical experience with Digital Forensics, Incident Handling, and/or Malware Analysis. Demonstrated hands-on experience with leading forensics tools like KAPE, EnCase, Cellebrite, FTK, Magnet Axiom, and Autopsy, and comfort with malware analysis tools like Ghidra, Ida Pro, PEStudio, and x64dbg.
• SIEM/Data Analysis: 2–4 years of experience with Q Radar, Sentinel, Splunk, Chronicle, ArcSight, or similar log management technologies.
• Strong IT Fundamentals: Strong understanding of computer networking, operating systems, and their intersection with Cybersecurity.
• Programming Skills: Development experience with Python, specifically for data manipulation (Pandas) and interacting with security tool APIs.
• Cloud Experience: Practical experience with AWS, GCP, or Azure.
• Education: BA/BS in Engineering, Computer Science, or Information Security (non-tech degrees acceptable with appropriate levels of Information Security job experience and/or certifications).
• Certifications: GCIH, GCFE, GCFA, OSCP, Sec+, and similar cyber-oriented certifications are desired.

Responsibilities

• Digital Forensics and Incident Response: Drive the full incident response lifecycle from initial triage to remediation, confidently applying specialty skills like endpoint forensics and malware analysis. Be ready to operate in a multi-cloud environment.
• Threat Hunting: Conduct regular threat hunts to identify misconfigurations, detection gaps, and other anomalies.
• Automation & Engineering: Use AI, Python and REST APIs to build/integrate security tools for ad-hoc needs, while working with automation engineers to develop heavy-duty solutions for advanced use-cases.
• Tabletop Exercises (TTX): Lead regular tabletop exercises to improve team readiness.
• Technical Documentation: Contribute continuously to our internal knowledge base of incident response runbooks and playbooks, keeping it exhaustive, accurate, and reflective of the latest workflows.

Benefits

• CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future.
• The pay range for this role is $103,200-$172,000. Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant).
• Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program.
• Through our benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active pension plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic benefits package for our team and their dependents.