Senior Incident Response Analyst

Role
Overview

We
are seeking a highly skilled and proactive Senior Incident Response Analyst to join our security operations function. In this role, you will lead and
support the detection, investigation, containment, and remediation of security
incidents across enterprise and cloud environments. You will work closely with
SOC analysts, threat intelligence, engineering, IT, legal, privacy, and
business stakeholders to ensure timely and effective response to threats while
strengthening the organization’s overall security posture.

This
role requires strong technical depth, sound incident handling judgment, and the
ability to operate calmly under pressure in high -impact security situations.

Key
Responsibilities

• Lead
  end -to -end incident response activities, including triage, investigation,
  containment, eradication, and recovery.
  
• Analyze
  security alerts, logs, telemetry, endpoint artifacts, network traffic,
  cloud audit trails, and identity events to determine impact and scope.
  
• Perform
  root cause analysis and produce clear incident reports with actionable
  remediation recommendations.
  
• Coordinate
  incident handling across teams such as SOC, infrastructure, cloud,
  application, identity, and legal/compliance.
  
• Support
  forensics and evidence preservation activities while maintaining
  chain -of -custody practices.
  
• Develop
  and improve incident response playbooks, SOPs, escalation workflows, and
  response standards.
  
• Identify
  attack patterns, adversary behaviors, and control gaps using threat
  intelligence and detection engineering techniques.
  
• Collaborate
  with engineering teams to improve detection coverage, alert fidelity, and
  response automation.
  
• Lead
  post -incident reviews and drive corrective actions to reduce repeat
  incidents and business risk.
  
• Participate
  in on -call rotation and support major security incidents when required.
  
• Mentor
  junior analysts and contribute to knowledge sharing and operational
  maturity.
  

Required
Qualifications

• Bachelor’s
  degree in Cybersecurity, Computer Science, Information Technology, or a
  related field, or equivalent practical experience.
  
• 5
  to 8 years of experience in cybersecurity, with significant exposure to
  incident response, SOC operations, digital forensics, or security
  engineering.
  
• Strong
  hands -on experience in investigating endpoint, email, identity, cloud, and
  network security incidents.
  
• Solid
  understanding of attacker techniques, MITRE ATT&CK, malware behavior,
  privilege escalation, lateral movement, and persistence methods.
  
• Proficiency
  in analyzing logs and telemetry from tools such as SIEM, EDR/XDR, IDS/IPS,
  firewalls, proxy, IAM, cloud security platforms, and DLP systems.
  
• Experience
  with Windows and Linux environments, including command -line analysis and
  basic scripting.
  
• Familiarity
  with cloud platforms such as Azure, AWS, or GCP.
  
• Strong
  report writing, communication, and stakeholder management skills.
  
• Ability
  to work independently, prioritize under pressure, and make sound decisions
  during active incidents.
  
• Certifications
  such as GCIH, GCFA, GCFE, CEH, Security+, Azure Security Engineer,
  or equivalent.
  
• Experience
  with incident response automation, SOAR, or scripting using Python,
  PowerShell, Bash, or similar.
  
• Exposure
  to malware analysis, memory analysis, forensic tooling, or reverse
  engineering concepts.
  
• Experience
  supporting regulated environments such as financial services, healthcare,
  enterprise SaaS, or large -scale cloud deployments.
  
• Familiarity
  with Zero Trust, identity security, container security, and modern
  detection engineering practices.
  
• Experience
  working in high -scale or globally distributed environments.
  

Core
Competencies

• Strong
  analytical and investigative mindset
  
• High
  sense of ownership and accountability
  
• Clear
  written and verbal communication
  
• Ability
  to remain effective during high -severity incidents
  
• Collaboration
  across technical and non -technical teams
  
• Attention
  to detail and evidence -based decision making
  
• Continuous
  improvement and process discipline
  
• Participation
  in on -call rotation, flexible working hours & travel to client location, off -hours support for
  critical incidents.
  
• Comfortable
  operating in a fast -paced, collaborative, and security -sensitive
  environment.