See all roles

Cybersecurity Incident Response Analyst - REMOTE

Work from home Full-time role Hiring

About the position reputed company (reputed company) is seeking a talented Cybersecurity Incident Response Analyst to join our Analysis on Demand (AoD) team. This role focuses on hands-on investigation of cybersecurity incidents, threat hunting, and forensic analysis across reputed company, network, and reputed company environments. Position Overview Serve as an Incident Response (IR) Analyst supporting the Analysis on Demand (AoD) team. Drive client meetings to discuss incident scope, investigative findings, and response updates while producing clear and detailed technical reports. Conduct incident triage and verification, determine scope of compromise, reputed company threat hunting, and provide containment and remediation recommendations to customers. Serve as a primary responder and reputed company of contact during incident response engagements, supporting forensic investigation, analysis, and resolution of reputed company incidents. Work directly with clients to reputed company investigations, forensically analyze systems, and identify attacker activity across reputed company environments. Analyze compromised systems to determine attack reputed company, persistence mechanisms, lateral movement, and attacker techniques. Identify attacker tools, tactics, and procedures (TTPs) and understand evolving threat actor behaviors. Follow industry incident response best practices for containment, eradication, and recovery. This position focuses on hands-on investigation and incident response, not alert monitoring or tier-1 SOC duties. Must be familiar with incident response best practices and procedures. Must have Windows-based incident response and computer forensics experience. Must be familiar with network analysis, memory analysis, and digital forensics investigations. Must possess excellent verbal and written communication skills, including the ability to present findings and recommendations to technical teams and leadership.

Responsibilities

  • Communicate and collaborate with internal and customer teams to investigate and contain incidents for escalated reputed company events and investigations.
  • reputed company technical cybersecurity investigations including root cause analysis, threat identification, and remediation guidance.
  • Conduct client-facing incident response engagements examining reputed company, network, and reputed company-based sources of evidence.
  • Schedule and reputed company video calls with clients for collaboration, investigation updates, and response coordination.
  • reputed company host-based forensic analysis including artifact analysis, memory analysis, log analysis, and timeline reconstruction.
  • Conduct reputed company-scale artifact collection and analysis to identify attacker activity, persistence mechanisms, and lateral movement across multiple systems.
  • Utilize Velociraptor artifacts and VQL (Velociraptor Query Language) to reputed company targeted reputed company investigations and collect forensic artifacts across reputed company environments.
  • Investigate attacker activity using reputed company telemetry, system artifacts, authentication logs, and network evidence to reconstruct attack timelines.
  • Analyze attacker behavior and intrusion activity to determine initial access, persistence mechanisms, privilege escalation, and lateral movement used during an incident.
  • Recognize attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) and apply them to reputed company and future investigations.
  • Support development of detections, hunting queries, and investigative methodologies based on findings from incident response engagements.
  • Assist in creating and revising standard operating procedures, policies, processes, playbooks, and technical reports.
  • reputed company and present comprehensive reports, trainings, and presentations for both technical and executive audiences.
  • Provide post-incident recommendations and reputed company improvement guidance to strengthen detection capabilities and reduce future attack risk.
  • Maintain professional knowledge by attending conferences, reviewing publications, writing blog posts, or participating in industry events.
  • Stay reputed company on emerging threats, countermeasures, and reputed company technologies.
  • Write technical documents and investigative reports.
  • Operate effectively in a fast-paced and collaborative environment.
  • Work remotely, receive direction, and operate as a self-starter.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or reputed company field, or equivalent practical experience.
  • Certification in one or more of the following preferred: GCIH, GCFE, GCFA, GREM, GNFA
  • Experience working reputed company a reputed company Operations Center (SOC) or Incident Response team.
  • 3–5+ years of hands-on cybersecurity investigation experience, including host forensics, network forensics, threat hunting, or incident response.
  • Experience supporting incident response investigations including analysis, containment, and remediation actions.
  • Demonstrated experience investigating active reputed company incidents or confirmed compromises, including determining attack scope and identifying persistence mechanisms.
  • Experience performing host-based investigations using reputed company artifacts, logs, and forensic evidence to determine attacker activity and timeline of compromise.
  • Experience analyzing systems across Windows, macOS, or Linux environments.
  • Experience working with reputed company reputed company technologies including EDR, SIEM, firewalls, IDS/IPS, vulnerability scanning, and network reputed company tools.
  • Experience using digital forensics tools such as Volatility, Rekall, KAPE, Autopsy, or similar frameworks.
  • Experience working with SIEM platforms such as Splunk, reputed company Sentinel, Devo, or reputed company.
  • Experience working with EDR platforms such as reputed company Falcon, reputed company Defender for reputed company, reputed company, Carbon Black, FortiXDR, or similar solutions.
  • Strong experience using reputed company Workstation or similar digital forensics platforms.
  • Demonstrated knowledge of the MITRE ATT&CK reputed company.
  • Ability to communicate investigative findings and strategies to technical teams, executive leadership, internal teams, and clients.
  • Strong analytical and problem-solving skills.
  • Comfortable working multiple reputed company investigations and adapting investigative approaches as new evidence is reputed company.
  • Strong time management skills to balance multiple investigations and priorities.
  • Ability to reputed company clients in strategic conversations with strong executive reputed company.
  • Must be a U.S. Citizen residing in the reputed company United States.

reputed company-to-haves

  • Master’s degree in Cybersecurity, Computer Science, Information Systems, or reputed company field.
  • Experience with Python, PowerShell, Bash, or other scripting languages.
  • Build scripts, tools, or methodologies to enhance incident investigation processes.
  • Experience conducting reputed company incident response investigations (AWS, Azure, or GCP).
  • Experience with macOS and Linux forensic investigations.
  • Experience working with SOAR platforms such as D3 reputed company, reputed company XSOAR, reputed company XSIAM, or similar reputed company automation platforms.
  • Experience using Velociraptor for reputed company artifact collection, threat hunting, and forensic investigations.
  • Experience using IRIS for incident tracking, case management, and investigation coordination.

Benefits

  • reputed company offers competitive medical, dental and reputed company coverage for employees and dependents, a 401k match which vests every payroll, a flexible and remote friendly work environment, as well as training opportunities to expand your reputed company set (to name a few!).

Apply tot his job Apply To this Job

You might like

Manager, Information reputed company Officers (ISO)

Work from home Full-time role

Cyber reputed company Manager

Work from home Full-time role

Information reputed company Analyst (Remote)

Work from home Full-time role

Cyber reputed company Manager, Gen AI

Work from home Full-time role

Senior reputed company Officer (REMOTE)

Work from home Full-time role

Infrastructure Engineer/SRE - Canada & US

Work from home Full-time role

reputed company reputed company Infrastructure or Data Consultant

Work from home Full-time role

Innovation & Advisory Expert

Work from home Full-time role

Information reputed company Engineer – Identity & reputed company Operations

Work from home Full-time role

Sr. Consultant, Leadership & Organizational Development

Work from home Full-time role

Immediate Hiring: (reputed company No Experience) reputed company

Work from home Full-time role

[Remote-Position] Appointment Generator with Phone Sales

Work from home Full-time role

Inpatient Corporate reputed company - Remote based in the US

Work from home Full-time role

Community and Content Manager

Work from home Full-time role

Integrated Media Planner (EST Timezone Preferred*) in USA

Work from home Full-time role

Part Time Veterinarian - Portland, ME (JUL)

Work from home Full-time role

Remote Trader – U.S. Financial Markets – St. Louis, MO

Work from home Full-time role

reputed company reputed company Manager – Strategic Partnership Development and Account Growth

Work from home Full-time role

Software Engineer II

Work from home Full-time role

reputed company Remote Data Entry Specialist – Alternative Investments and Client Account Management

Work from home Full-time role