CrawlJobs Logo

Cybersecurity Incident Handler

zelis.com Logo

Zelis

Location Icon

Location:
United States , Morristown

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

86000.00 - 109250.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

As a Cybersecurity Incident Handler, you’ll take the lead on investigating and mitigating security incidents across the organization. You’ll dig into digital evidence, guide teammates through complex problems, and help strengthen our overall detection and response capabilities. In this role, you’ll handle hands-on technical work like forensics and incident analysis, while also supporting the team by sharing knowledge, improving processes, and helping shape how we respond to threats.

Job Responsibility:

  • Incident Analysis & Handling: Triage alerts, investigate suspicious activity, lead incident response steps, and coordinate containment and recovery efforts
  • Data Collection & Normalization: Make sure logs and security data are gathered correctly, cleaned up, and organized so the team can analyze them effectively
  • Digital Forensics: Examine systems, files, logs, and network data to understand what happened during security events
  • Mentoring & Training: Help newer analysts grow by sharing your experience, offering guidance, and running training sessions when needed
  • Technical / Process Guidance: Assist team members with technical questions, tool usage, investigation methods, and established response workflows
  • Shift Leadership: Act as the point person during your shift: manage workload, oversee investigations, ensure smooth handoffs, and support teammates. Participate in a rotating on-call schedule as required
  • Innovation: Look for opportunities to improve processes, recommend new tools or automations, and help refine how the team operates

Requirements:

  • Bachelor of Computer Science, Engineering, Information Security, Information Technology, or 4+ years of equivalent experience
  • 3+ years of enterprise level incident handling
  • Ability to partner with enterprise teams within a cybersecurity context
  • Effective oral and written communication skills with experience in cybersecurity technical process documentation
  • Demonstrated cyber defense and information security passion
  • Proven record of thought leadership via innovation and non-traditional solutions
  • Fundamental understanding of IT Security practices/programs/tooling, with demonstrated examples of driving initiatives forwards

Nice to have:

  • Advanced cybersecurity certifications (e.g., GCFA, GCIA, GNFA, GCTI, GREM, GCIH, GCFA, GPEN, OSCP, etc.)
  • Cloud (AWS, Azure, GCP, etc.) certifications
  • Proficiency in scripting and high-level programming languages (Python, PowerShell, bash, etc.)
  • Functional knowledge of SIEM, SOAR, malware sandboxing solutions and related tools
What we offer:
  • 401k plan with employer match
  • flexible paid time off
  • holidays
  • parental leaves
  • life and disability insurance
  • health benefits including medical, dental, vision, and prescription drug coverage

Additional Information:

Job Posted:
February 20, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Zelis - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cybersecurity Incident Handler

Senior Cybersecurity Analyst, Threat Hunter

Our cybersecurity and information security teams at IDEXX contribute to a more r...
Location
Location
United States , Westbrook, Maine
Salary
Salary:
120000.00 - 140000.00 USD / Year
idexx.com Logo
IDEXX
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6–10 years of experience in cybersecurity roles
  • Minimum of 3 years dedicated specifically to threat hunting or advanced incident response
  • Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field
  • Preferred certifications GCIH (GIAC Certified Incident Handler) and CompTIA CySA+ (Cybersecurity Analyst+) certification
  • Proven, hands-on experience using platform for EDR (Endpoint Detection and Response) and threat hunting
  • Expert-level knowledge of PowerShell Scripting, Python and EDR and SIEM query language is preferred
  • Deep understanding of incident response lifecycles, methodologies, and forensic techniques
  • Strong knowledge of networking protocols, operating systems (Windows, Linux, macOS), and common attack vectors
  • Familiarity with scripting languages (e.g., Python, PowerShell) for automation of hunting tasks is a plus
  • Exceptional analytical and problem-solving skills with keen attention to detail
Job Responsibility
Job Responsibility
  • Proactively hunt for indicators of compromise (IOCs) and advanced persistent threats (APTs) across the network, endpoints, and cloud environments using threat intelligence and a hypothesis-driven methodology
  • Conduct in-depth analysis of security events, network traffic, and endpoint data to identify malicious activity and potential breaches
  • Utilize the SIEM and EDR platform extensively, applying expert knowledge of the scripting, SIEM and EDR query language to perform complex searches and data analysis
  • Lead and participate in incident response activities, including containment, eradication, and recovery efforts, serving as a primary escalation point for critical security incidents
  • Develop and refine threat hunting playbooks, procedures, and detection rules to improve the security team’s efficiency and effectiveness
  • Collaborate with the security engineering and security operations center (SOC) teams to integrate new threat intelligence and enhance existing security tools and controls
  • Mentor junior analysts and contribute to the ongoing improvement of the organization's overall security posture
What we offer
What we offer
  • Opportunity for annual cash bonus
  • Health / Dental / Vision Benefits Day-One
  • 5% matching 401k
  • Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching
  • Fulltime
Read More
Arrow Right

Cybersecurity Incident Handler

As a security operations center analyst, you’re in the middle of the action, res...
Location
Location
United States , San Antonio
Salary
Salary:
69400.00 - 158000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cybersecurity
  • Experience in a security operations center, including incident response activities such as analysis of artifacts, writing incident reports, and triaging of security events
  • Knowledge of cyber threat intelligence, digital forensics, red teaming, threat hunt, cloud incident response, counterintelligence, and detection engineering
  • Knowledge of cybersecurity standards and the implementation of industry best practices
  • Knowledge of external standards, including ISO 22301, ISO 22317, and NIST guidelines such as NIST 800-53 or NIST 800-61
  • Ability to work a rotating shift schedule supporting a 24/7 environment
  • TS/SCI clearance
  • HS diploma or GED
  • DoD 8140 Baseline Level II Certification
Job Responsibility
Job Responsibility
  • Monitor and analyze threats using state-of-the-art tools
  • Work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact
  • Analyze incidents to figure out just how many systems are affected and assist recovery efforts
  • Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right

Mid-Level Cyber Security Engineer

We are seeking a Mid-Level Cyber Security Engineer to provide expert cyber domai...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree + 12+ years of related experience
  • Master’s degree + 10+ years of related experience
  • Ph.D. degree + 7+ years of related experience
  • 15+ years of related experience without a degree
  • Experience conducting site surveys for IT equipment (racks, desktop PC environments)
  • Experience installing IT hardware in 24/7 operational environments
  • Strong understanding of: Cybersecurity assessments
  • Incident response
  • Risk & vulnerability assessment
  • Cyber threat analysis
Job Responsibility
Job Responsibility
  • Conduct and review complex cybersecurity assessments
  • Identify system vulnerabilities and areas of non‑compliance with cybersecurity standards
  • Recommend mitigation strategies and risk‑reduction approaches
  • Perform research, evaluation, and development in advanced cybersecurity areas
  • Perform and maintain vulnerability scans, generating clear reports for leadership
  • Track and report Information Assurance Vulnerability Management (IAVM) compliance
  • Support incident response teams with domain-specific expertise
  • Maintain a library of security audit tools and related testing processes
  • Review and update Authorization to Operate (ATO) documentation
  • Manage and report Plan of Action & Milestones (POA&M) compliance
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • eligible to enroll in our company 401(k) plan
Read More
Arrow Right

Mid-Level Cyber Security Engineer

We are seeking a Mid-Level Cyber Security Engineer to provide expert cyber domai...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Candidates must meet ONE of the following education/experience combinations: Bachelor’s degree + 12+ years of related experience
  • Master’s degree + 10+ years of related experience
  • Ph.D. degree + 7+ years of related experience
  • 15+ years of related experience without a degree
  • Technical Requirements: Experience conducting site surveys for IT equipment (racks, desktop PC environments)
  • Experience installing IT hardware in 24/7 operational environments
  • Strong understanding of: Cybersecurity assessments
  • Incident response
  • Risk & vulnerability assessment
  • Cyber threat analysis
Job Responsibility
Job Responsibility
  • Cyber Security Engineering & Analysis: Conduct and review complex cybersecurity assessments
  • Identify system vulnerabilities and areas of non‑compliance with cybersecurity standards
  • Recommend mitigation strategies and risk‑reduction approaches
  • Perform research, evaluation, and development in advanced cybersecurity areas
  • Security Operations & Monitoring: Perform and maintain vulnerability scans, generating clear reports for leadership
  • Track and report Information Assurance Vulnerability Management (IAVM) compliance
  • Support incident response teams with domain-specific expertise
  • Maintain a library of security audit tools and related testing processes
  • Risk Management & Compliance: Review and update Authorization to Operate (ATO) documentation
  • Manage and report Plan of Action & Milestones (POA&M) compliance
What we offer
What we offer
  • Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance
  • Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan
Read More
Arrow Right

Senior Digital Forensics Incident Response Analyst

The Senior Information Security Incident Response Analyst leads complex incident...
Location
Location
South Africa , Johannesburg
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Minimum of 5 years of experience in the technology information security industry
Job Responsibility
Job Responsibility
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies
  • Fulltime
Read More
Arrow Right

Senior Information Security Incident Response Analyst

The Senior Information Security Incident Response Analyst leads complex incident...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android)
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations
Job Responsibility
Job Responsibility
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer

Provide hands‑on cyber expertise across compliance, vulnerability management, in...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree + 12 years of related experience
  • Master’s degree + 10 years of related experience
  • Ph.D. + 7 years of related experience
  • 15 years of related experience with no degree
  • Experience in: Cybersecurity assessments, incident response, and threat/risk/vulnerability analysis
  • Supporting complex networks/systems (including differing classification levels)
  • Applying the Risk Management Framework (RMF)
  • Strong written and verbal communication skills
  • ability to brief technical/non‑technical stakeholders
  • At least one active security certification, such as: Security+ CE, CySA+, CCNA Security, SSCP, CISSP (or Associate)
Job Responsibility
Job Responsibility
  • Conduct and review technical cybersecurity assessments
  • Identify vulnerabilities and non‑compliance with cybersecurity standards
  • recommend mitigations
  • Perform research, design evaluation, technical development, and system integration planning
  • Perform and maintain vulnerability scans
  • produce clear reports and metrics
  • Track and report IAVM (Information Assurance Vulnerability Management) compliance
  • Maintain a curated library of security audit tools and procedures for testing, internal audits, incident response, and diagnosis
  • Maintain Authorization to Operate (ATO) records and supporting artifacts
  • Manage and report POA&M (Plan of Action & Milestones) compliance
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • eligible to enroll in our company 401(k) plan
Read More
Arrow Right

Information Security Incident Response Analyst

The Information Security Incident Response Analyst supports clients during secur...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in incident response and digital forensics, with capability in host‑based, image, and log analysis
  • Experience using SIEM, EDR, IDS/IPS, and other security tools to triage, investigate, and respond to incidents
  • Ability to perform network analysis using tools such as Wireshark, tcpdump, and other tools
  • Experience in cybersecurity operations, consulting, DFIR services, or related technical security roles
  • Bachelor’s degree or equivalent experience in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant cybersecurity certifications such as SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Additional DFIR‑related certifications are considered a plus
  • Active UK Security Clearance is required
Job Responsibility
Job Responsibility
  • Investigates security incidents by performing host, disk, memory, network, and cloud forensic analysis under established processes and guidance
  • Analyzes artifacts across Windows, Linux, and macOS systems, helping reconstruct timelines and determine root cause
  • Supports clients through containment and recovery efforts by providing technical recommendations and clear communication
  • Participates in the team’s on‑call rotation for urgent incident response needs
  • Completes internal and client tasks such as tabletop exercises, IR readiness assessments, basic forensic reviews, and environment hardening support
  • Identifies observable gaps and risks within client environments and recommends improvements to strengthen security posture
  • Produces accurate documentation—including investigation notes, status updates, and final reports
  • Collaborates with global DFIR and other teams and stays current on threats, attacker techniques, and emerging forensic tools
  • Fulltime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy