Back to Job Search

Incident Response Analyst

Role Purpose


The Incident Response Analyst is responsible for providing Tier 2 detection, containment, and analysis of security events. This role helps protect the confidentiality, integrity, and availability of information systems in alignment with the organization's business objectives, regulatory requirements, and strategic goals.

Key Responsibilities

  • Deliver Tier 2 incident response services across a global organization.
  • Receive, process, and resolve security-related tickets in line with defined SLAs.
  • Analyze system alerts, operational incidents, and intelligence sources to determine the scope and impact of security events.
  • Recommend improvements to existing processes and tools.
  • Assist in the design and deployment of threat detection and prevention solutions.
  • Use IR tools such as SIEM, log management, packet capture, and breach detection systems.
  • Support forensic investigations while maintaining chain-of-custody procedures.
  • Contribute to the development and documentation of security policies and procedures.
  • Identify and report compliance issues for management remediation.
  • Maintain security systems to ensure performance, reliability, and compliance.
  • Provide regular status updates and performance metrics to the Security Operations Manager.
  • Promote cybersecurity awareness and share internal knowledge.
  • Participate in special projects as required.

Technical Qualifications and Skills


Education:

  • Bachelor's degree in Computer Science or a related field, or equivalent professional experience.


Preferred Certifications:

  • GSEC, GCIH, GCFE, GREM
  • CISSP or SSCP (desired)


Experience & Skills:

  • Solid background in information security, particularly in incident response and forensics.
  • Knowledge of IR procedures, forensic practices, and chain-of-custody protocols.
  • Hands-on experience with tools such as SIEM, IDS/IPS, EDR, and breach detection systems.
  • Strong understanding of TCP/IP, DNS, and common network services.
  • Proficient in malware detection, reverse engineering, and evasion techniques.
  • Familiar with forensic tools like EnCase, FTK, Sleuth Kit, etc.
  • Experience with vulnerability management tools such as Qualys or Nessus.
  • Ability to analyze threats based on threat intelligence and attacker TTPs.
  • Strong analytical, problem-solving, and communication skills.
  • Experience in creating internal documentation and training content.
  • Capable of working independently with minimal supervision.
  • Open to working in a shift-based global support environment.
  • Passionate about cybersecurity with a drive for continuous improvement.

Key Competencies


Know-how:

  • Strong analytical and critical thinking skills.
  • Adaptability in handling diverse and dynamic tasks.


Dedication:

  • High level of integrity and diligence.
  • Proactive and committed to delivering on expectations.


Personal Impact:

  • Excellent influencing and negotiation skills.
  • Ability to build collaborative, trust-based relationships.


Humanity:

  • Respect for diversity and sensitivity in professional interactions.
  • Demonstrates empathy, discretion, and professionalism.

Additional Information

  • No travel required.
  • Must be committed to delivering exceptional customer service with empathy, respect, and technical expertise.