About The Position

Talentgrator is a recruitment and talent partner focused on the IT entertainment and iGaming sectors, connecting businesses with specialized professionals. We work with teams that need strong technical expertise and dependable execution in fast-moving environments where security, resilience, and operational discipline matter every day. We are looking for an Incident Response Analyst to join our Security team and operate on the front line of protecting the company’s infrastructure and services. This role is for someone who goes beyond simply reviewing alerts — you investigate incidents deeply, build detection logic, and help reduce response time proactively while strengthening the team’s ability to respond to threats with speed and clarity.

Requirements

  • 3+ years of experience in Incident Response or Security Operations
  • Hands-on experience with SIEM platforms (Splunk, ELK/OpenSearch, Graylog, or similar)
  • Ability to read and interpret logs: OS (Linux/Windows/macOS), network, applications, cloud
  • Understanding of network protocols and traffic analysis (Wireshark, Zeek, etc.)
  • Knowledge of attacker tactics and techniques (MITRE ATT&CK, kill chain, IOC/TTP)
  • Ability to independently lead investigations from alert to final report
  • Scripting skills for automation (Python / Bash)
  • Basic understanding of integrating LLM-based tools
  • Native-level Russian proficiency

Nice To Haves

  • Experience with SOAR platforms and building playbooks
  • Experience with EDR/XDR solutions (CrowdStrike, SentinelOne, etc.)
  • Participation in CTFs, red team / blue team exercises, or pentesting
  • Experience with cloud logs (AWS CloudTrail, GCP Audit Logs, etc.)
  • Experience integrating security tools via APIs and automating response using LLMs

Responsibilities

  • Work with WAF to analyze anomalous traffic, respond to web attacks, and fine-tune rules.
  • Work with DLP and MDM to investigate data leaks, analyze policy violations, and collaborate with teams on findings.
  • Monitor and triage alerts in SIEM, analyzing events, classifying incidents, and prioritizing response.
  • Integrate new log sources into SIEM, including normalization, parsing, and enrichment.
  • Develop and improve detection rules, correlation rules, and dashboards.
  • Reduce MTTR by identifying bottlenecks in response processes and implementing automation and runbooks.
  • Participate in incident post-mortems and provide actionable recommendations.
  • Conduct security incident investigations by collecting artifacts, reconstructing timelines, and performing root cause analysis.

Benefits

  • 25 vacation days and 5 family days yearly
  • Flexible start to the workday
  • Support from a professional corporate coach and psychologist
  • Regular internal and external activities, workshops, trips, and corporate events
  • Access to our internal knowledge base, meetups, and team-building activities
  • Ongoing training in new technologies and continuous professional development support
© 2026 Teal Labs, Inc