Incident Response Analyst

We are seeking a skilled Security Incident Response Analyst to join our dynamic team and help us safeguard our digital assets. As a leading Software-as-a-Service (SaaS) provider, we are committed to maintaining the highest standards of security and data protection. The ideal candidate will be responsible for detecting, responding to, and mitigating security incidents, as well as continuously improving our security posture.

Reports To: DIrector of Threat Detection & Response

Responsibilities:

• Incident Detection and Response: Monitor security alerts and events to identify potential security incidents. Respond promptly to security incidents, including containment, eradication, and recovery.
• Threat Analysis: Analyze security threats and vulnerabilities to determine their impact on the organization. Conduct root cause analysis to prevent future incidents.
• Forensic Investigation: Perform digital forensics to investigate security breaches and gather evidence. Document findings and provide detailed reports.
• Security Monitoring: Utilize security information and event management (SIEM) tools to monitor events and system logs for suspicious activity.  Conduct threat hunts to proactively check for threats in our environment. 
• Detection Engineering: Develop and maintain detection rules and signatures to identify malicious activity. Continuously improve detection capabilities by incorporating new threat intelligence and attack techniques.
• Automation: Automate tasks using low code/no code SOAR platforms to streamline workflows and improve efficiency.
• Collaboration: Work closely with IT, DevOps, and other teams to ensure timely resolution of security incidents. Provide guidance and support to improve security practices.
• Incident Reporting: Prepare and present incident reports to management and stakeholders. Maintain accurate records of incidents and actions taken.
• Continuous Improvement: Stay up-to-date with the latest security trends, threats, and technologies. Recommend and implement improvements to the incident response process.

Skills and Qualifications:

• At least 4 years of experience as an Incident Response Analyst
• BSc or equivalent
• Technical Expertise: Strong knowledge of cybersecurity principles, threat landscape, and attack vectors. 
• Security Tools: Proficiency in using security tools and technologies, such as SIEM, XDR, EDR, SOAR etc.
• Engineering Skills:  Research, building, testing, and deploying, rules and searches that detect malicious activity  
• Analytical Skills: Excellent analytical and problem-solving skills. Ability to analyze complex security incidents and determine appropriate response actions.
• Certifications: Relevant certifications such as CEH or GIAC are preferred.
• Experience: Previous experience in a security incident response role, preferably in a SaaS environment.

#LI-TG

#LI-Hybrid