Incident Response Senior Analyst

Alter Domus, Salt Lake City, UT
Posted 19h ago · Hybrid

About The Position

We are seeking a highly skilled and detail-oriented Cybersecurity Incident Response Senior Analyst to join our team. The ideal candidate will be responsible for monitoring, analyzing, and responding to cybersecurity incidents, ensuring the organization's digital assets and data remain secure. This role is critical in identifying vulnerabilities, mitigating risks, and maintaining compliance with security policies and standards.

Requirements

  • Bachelor’s degree in computer science, information security, or related professional experience.
  • Minimum of 1 to 3 years of experience in incident response, security operations, or threat management.
  • Strong knowledge of SIEM and SOAR environments.
  • Hands-on experience with IDS/IPS and endpoint protection platforms.
  • Working knowledge of Azure Defender and AWS security suite (GuardDuty, Security Hub).
  • Knowledge of network device configurations and standards (Firewalls, Switches, NSGs).
  • Knowledge of common operating systems (macOS, Linux, and Windows).
  • Familiarity with malware analysis, reverse engineering, and forensic tools.
  • Strong cross-functional communication skills and the ability to work closely with internal teams and lead cyber incident remediation efforts.
  • Familiarity with common security frameworks and standards, such as NIST.
  • Knowledge of the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and as part of a team.
  • Ability to work under pressure and prioritize tasks during high-stress incidents.

Nice To Haves

  • Relevant certifications, such as CompTIA Security+, GIAC Certified Incident Handler (GCIH), CISSP, GSEC, CEH, or similar cybersecurity certifications, are a plus.
  • Proficiency in scripting languages (e.g., Python, PowerShell) and operating systems (Windows, Linux, macOS) is preferred.

Responsibilities

  • Respond to security incidents.
  • Lead and manage alerts: investigate, contain, and eradicate cyber threats.
  • Conduct forensic investigations to identify the root cause of security breaches and recommend preventive measures.
  • Participate in post-incident reviews to identify lessons learned.
  • Coordinate with internal teams and external partners during incident containment, eradication, and recovery efforts.
  • Monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other tools for suspicious activity.
  • Investigate and assess potential threats, vulnerabilities, and attack vectors.
  • Create detailed incident reports, document findings, remediation steps, and lessons learned.
  • Maintain and update incident response playbooks and processes.
  • Participate in tabletop exercises and incident response training for other stakeholders.
  • Create use cases for security alerts.
  • Develop and implement strategies for prioritizing ingestion of logs into SIEM.
  • Create standard operating procedure documentation for incident response.
  • Perform threat assessment and threat hunting.
  • Conduct breach and attack simulations.
  • Provide expert guidance and support to IT during incident investigation.
  • Stay current with emerging security threats, vulnerabilities, and industry best practices.
  • Emphasize customer experience as a central measure of success, ensuring that cyber threats are addressed in a manner that minimizes disruption and enhances client satisfaction.
  • Improve reporting maturity through automation, consolidation, and other techniques as necessary.

Benefits

  • Support for professional accreditations
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday!
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Plus additional local benefits depending on your location