Senior Incident Response Analyst (R-19347)

About The Position

Requirements

• At least 1 SANS/GIAC Certification (GCIH, GREM, GCFA preferred)
• Strong Hands-on experience with SIEM Platforms (Splunk, Microsoft sentinel, etc)
• Strong Hands-on experience with EDR Tools (CrowdStrike, Carbon Black)
• Strong Hands-on experience with Cloud environments (Azure, AWS, GCP, AliCloud)
• Strong Hands-on experience with Network log analysis (Netflows and PCAP files)
• Deep understanding of Mitre ATT&CK framework
• Deep understanding of Malware behavior and exploitation techniques
• Deep understanding of Windows, Linux, and macOS internals
• Deep understanding of Script analysis (Javascript, VBscript, powershell, python)
• Deep understanding of Malicious binary analysis (Windows, MacOS, Linux)
• Clear communication rooted in technical competence
• Confidence discussing findings with peers and senior management

Responsibilities

• Lead high-fidelity alert investigations, performing deep technical analysis to rapidly identify, contain, and remediate threats.
• Own complex incident investigations, driving technically precise conclusions and elevating the organization’s detection and response maturity.
• Champion process development, identifying gaps, designing scalable workflows, and implementing improvements that strengthen the Incident Response program.
• Create and refine technical playbooks, documentation, and response guides, ensuring clarity, consistency, and operational excellence.
• Mentor and uplift junior analysts, providing guidance, coaching, and training to build a high-performing team.
• Serve as the escalation point for critical and ambiguous cases, applying advanced threat analysis and sound judgment under pressure.
• Collaborate with engineering, IT, Legal, HR, and business partners to resolve incidents holistically and drive enterprise-wide security improvements.
• Apply strong analytical and technical expertise to continuously enhance SOC processes, workflows, and response capabilities.
• Contribute to the evolution of our detection landscape, partnering with detection engineering to improve log ingestion, alert logic, and signal quality.
• Assess and mitigate AI-related security risks, including model misuse, prompt injection, data leakage, and emerging automation attack vectors.
• Participate in an on-call rotation, serving as a trusted responder for high-severity incidents.

Benefits

• Generous paid time off in your first year, increasing with tenure.
• Up to 16 weeks 100% paid parental leave after one year of employment.
• Paid sick time to care for yourself or family members.
• Education assistance and extensive training resources.
• Do Good Program: Paid volunteer days & donation matching.
• Competitive 401k with company matching.
• Health & wellness benefits, including discounted Wellhub membership rates.
• Medical, dental & vision insurance for you, spouse/partner & dependents.