Cyber Incident Analyst

Roles and Responsibilities

• Monitor, analyze, and respond to security alerts across SIEM, EDR, cloud, identity, and email platforms.
• Lead complex incident investigations from triage to remediation.
• Perform root cause analysis, including malware forensics, log analysis, and threat intelligence reviews.
• Develop and tune detection rules, alerts, and threat-hunting use cases.
• Manage multiple investigations simultaneously and lead cross-functional teams.
• Communicate incident status and outcomes to stakeholders and leadership.
• Maintain and improve incident response plans, playbooks, and reporting metrics.
• Participate in rotational on-call support for critical escalations.
• Stay updated on emerging threats, vulnerabilities, and attack trends.

Required Qualifications

• 10+ years in Information Security (SOC, NOC, CIRT experience).
• 8+ years in Cyber Incident ResponseCyber Incident Responseand Threat Hunting.
• Expertise in SIEM, EDR, cloud security, network/email security, and malware remediation.
• Advanced knowledge of Windows/Linux systems and threat analysis.
• Proven leadership in managing complex investigations.
• Familiarity with security frameworks (NIST) and compliance standards (HIPAA, GDPR, PCI, FedRAMP).
• Hands-on experience with Chronicle, CrowdStrike Falcon, Prisma Cloud, Check Point, Tanium.
• Knowledge of AWS, Azure, GCP.
• Strong communication skills for technical and non-technical audiences.

Preferred

• SANS certifications (e.g., GSEC, GCIH, GCFA, GCIA).
• Bachelor’s degree in Information Systems, Computer Science, or related field.

Posted By