Incident Response Analyst

-

We are seeking a skilled Incident Response Analyst to join our cybersecurity team.

The ideal candidate will be responsible for monitoring, detecting, analyzing, and responding to security incidents.

This role requires a deep understanding of security threats, incident response processes, and the ability to work collaboratively across various teams to protect the organization’s information systems.

Key Accountabilities/Deliverables:



* Continuously monitor security alerts and incidents using Security Information and Event Management (SIEM) tools and other monitoring solutions.


* Analyze security events to identify anomalies and potential threats, escalating issues as necessary.


* Investigate and respond to security incidents, coordinating containment and eradication efforts.



* Conduct root cause analysis to understand the nature and scope of incidents and identify weaknesses.


* Maintain detailed documentation of incidents, response actions, and lessons learned.



* Prepare incident reports and presentations for management, highlighting key findings and recommendations.



* Work closely with IT, network, and system administrators to implement security controls and ensure the integrity of systems.


* Collaborate with legal and compliance teams to ensure adherence to regulations and reporting requirements.



* Assist in the development and refinement of incident response plans, policies, and procedures.


* Participate in post-incident reviews and recommend improvements to enhance the organization’s security posture.



* Provide support in cybersecurity training and awareness programs for employees.


* Assist in conducting tabletop exercises and simulations to test incident response effectiveness.

Technical Knowledge and Understanding:


* Strong understanding of security principles, threat landscapes, and incident response methodologies.


* Familiarity with regulatory requirements and compliance frameworks (e.g., NIST, ISO 27001).


* Knowledge of scripting or programming languages (e.g., Python, PowerShell) for automation and analysis tasks preferred.


* Familiarity with incident response frameworks and tools (e.g., The MITRE ATT&CK Framework) preferred.

Experience:


* Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field; relevant certifications are a plus.


* 3 years of experience in cybersecurity, with a focus on incident response and analysis.


* Experience with SIEM tools (e.g., Splunk, ArcSight) and other security technologies (e.g., firewalls, intrusion detection/prevention systems).


* Excellent analytical and problem-solving skills, with attention to detail.


* Strong communication and interpersonal skills, capable of collaborating with both technical and non-technical stakeholders.


* Ability to work under pressure and manage multiple priorities effectively.

 


* Relevant certifications ...