CrawlJobs Logo
Alter Domus Logo Alter Domus · IT - Administration

Incident Response Senior Analyst

United States, Salt Lake City · Job Posted March 01, 2026
Apply Position
Job Link Share

Job Description

We are seeking a highly skilled and detail-oriented Cybersecurity Incident Response Senior Analyst to join our team. The ideal candidate will be responsible for monitoring, analyzing, and responding to cybersecurity incidents, ensuring the organization's digital assets and data remain secure. This role is critical in identifying vulnerabilities, mitigating risks, and maintaining compliance with security policies and standards.

Job Responsibility

  • Respond to security incidents
  • Lead and manage alerts, investigate, contain, and eradicate the cyber threats
  • Conduct forensic investigations to identify the root cause of security breaches and recommend preventive measures
  • Participate in post-incident reviews to identify lessons learned
  • Coordinate with internal teams and external partners during incident containment, eradication, and recovery efforts
  • Monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other tools for suspicious activity
  • Investigate and assess potential threats, vulnerabilities, and attack vectors
  • Create detailed incident reports, document findings, remediation steps, and lessons learned
  • Maintain and update incident response playbooks and processes
  • Participate in Tabletop exercise and incident response trainings for other stakeholders
  • Creation of use cases for security alerts
  • Develop and implement strategies for prioritizing ingestion of logs into SIEM
  • Create standard operating procedure documentation for incident response
  • Work on threat assessment, and hunting
  • Conduct breach and attack simulations
  • Provide expert guidance and support to IT during incident investigation
  • Stay current with emerging security threats, vulnerabilities, and industry best practices
  • Emphasizing customer experience as a central measure of success, ensuring that Cyber threats are addressed in a manner that minimizes disruption and enhances the client's satisfaction
  • Improve reporting maturity through automation, consolidation, and other techniques as necessary

Requirements

  • Bachelor’s degree in computer science, information security, or related professional experience
  • Minimum of 1 to 3 years of experience in incident response, Security operation, threat management
  • Strong knowledge of SIEM, and SOAR environment
  • Hands-on experience with IDS/IPS, and endpoint protection platforms
  • Working knowledge of Azure Defender and AWS security suite (GuardDuty, Security Hub)
  • Knowledge of network device configurations and standards (Firewalls, Switches, NSGs)
  • Knowledge of common operating systems MacOS, Linux and Windows OS
  • Familiarity with malware analysis, reverse engineering, and forensic tools
  • Strong cross functional communication skills and the ability to work closely with internal teams & lead cyber incident remediation efforts
  • Familiarity with common security frameworks and standards, such as NIST
  • Knowledge of the Adversarial Tactics, Techniques, and Common Knowledge or MITRE ATT&CK framework
  • Excellent analytical, problem-solving, and communication skills
  • Ability to work independently and as part of a team
  • Ability to work under pressure and prioritize tasks during high-stress incidents

Nice to have

  • Relevant certifications, such as CompTIA Security+, GIAC Certified Incident Handler (GCIH), CISSP, GSEC, CEH, or similar Cybersecurity certifications are a plus
  • Proficiency in scripting languages (e.g., Python, PowerShell) and operating systems (Windows, Linux, macOS) will be preferred

What we offer

  • Support for professional accreditations
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Plus additional local benefits depending on your location
Alter Domus - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Incident Response Senior Analyst

8 matching positions

Senior Incident Response Analyst

Wrike is seeking an experienced Senior Incident Response Analyst to help safegua...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
klaxoon.com Logo
Klaxoon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 5 years of experience in a Senior Incident Response Analyst/SOC/Cybersecurity or similar security-focused role in a software product company
  • Deep understanding of network fundamentals and a wide range of security threats
  • Exceptional analytical and problem-solving skills, with the ability to think critically under pressure
  • Outstanding communication skills, both written and verbal, with the ability to convey complex concepts to technical and non-technical audiences
  • Hands-on experience with leading security information event management (SIEM) and extended detection and response (XDR) platforms (e.g., Rapid7, Splunk, Wazuh, Microsoft Defender for Endpoint, Crowdstrike)
  • Strong experience in log analysis, event correlation, and incident response
Job Responsibility
Job Responsibility
  • Lead the monitoring, analysis, and triage of complex security alerts and events, providing expert guidance to junior team members
  • Assess risk and impact of potential incidents, recommending and overseeing appropriate remediation actions
  • Employ a broad range of advanced security tools and technologies to proactively detect and investigate sophisticated cyber threats
  • Collaborate with and mentor other teams, including incident responders, to ensure timely and accurate escalation and resolution of high-priority cases
  • Oversee documentation and reporting of security incidents, ensuring accuracy, clarity, and timely delivery to relevant stakeholders
  • Drive the ongoing development and enhancement of security monitoring and detection capabilities, introducing best practices and automation where appropriate
  • Stay ahead of the latest security trends, emerging vulnerabilities, and best practices, sharing knowledge and recommendations within the team and across the organization
  • Demonstrated experience functioning at an L3 level, serving as the final escalation point for resolving complex security incidents and issues
  • Mentorship of junior/mid senior analysts, ability to share knowledge
What we offer
What we offer
  • 18 calendar days of paid vacation (12 days of National & Festival holidays (10 fixed, 2 flexible))
  • Sick Leave Compensation (5 Paid Uncertified Sick Days)
  • Menstrual Leave: Twelve (12) days per calendar year. Women employees are eligible for up to 1 day of menstrual leave per month.
  • Parental Leave: 26 Weeks Maternity / 4 Week Paternity
  • 2 Volunteer Days
  • Group Medical Insurance (Employees + Dependents)
  • Term Life Insurance (Rs 50,00,000)
  • Personal Accident Insurance (Rs 50,00,000)
  • Monthly Broadband / Internet Reimbursement (INR 1500)
  • Hybrid Working Model + Complimentary Lunch & Snacks
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • advanced Cyber and IT security knowledge
  • advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • advanced understanding of SQL and relevant scripting languages
  • advanced data security system analysis skills
  • advanced risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • analyze associated logs and respond to high severity incidents
  • suggest automation opportunities to enhance IR
  • mentor and provide technical guidance to less experienced cybersecurity professionals
  • stay at the forefront of cybersecurity trends, threats, and technologies
  • foster a culture of continuous improvement and innovation
  • encourage the adoption of new technologies and methodologies
  • provide insight and guidance through after action reviews working with stakeholders.
What we offer
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • programs for professional and personal career development
  • unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Location
Location
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right

Senior Digital Forensics Incident Response Analyst

The Senior Information Security Incident Response Analyst leads complex incident...
Location
Location
South Africa , Johannesburg
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Minimum of 5 years of experience in the technology information security industry
Job Responsibility
Job Responsibility
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies
  • Fulltime
Read More
Arrow Right

Senior Information Security Incident Response Analyst

The Senior Information Security Incident Response Analyst leads complex incident...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android)
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations
Job Responsibility
Job Responsibility
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies
  • Fulltime
Read More
Arrow Right

Senior Incident Handler - Security Incident Response Team

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location
Location
Netherlands , Veldhoven
Salary
Salary:
Not provided
asml.com Logo
ASML
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
Job Responsibility
Job Responsibility
  • Security Monitoring – monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime
Read More
Arrow Right

Senior Information Security Incident Response Lead

The Senior Information Security Incident Response Lead is responsible for managi...
Location
Location
Mexico , Mexico
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
Job Responsibility
Job Responsibility
  • Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends
Read More
Arrow Right

Incident Response and SOC Analyst

The role supports the Cyber Security Operations Centre for the EU critical infra...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong incident response methodology and hands-on experience in end-to-end incident handling in multinational settings
  • Advanced knowledge of XSOAR playbook creation and automation
  • Proficiency in designing and adapting automated workflows and enrichment
  • Python programming skills
  • Ability to present technical and business information effectively to diverse EC stakeholders
  • High standards for incident documentation, KPI reporting, and compliance with security frameworks
  • Familiarity with cloud-native services (AWS, Azure), EDR, SIEM-SOAR platforms, and container security
  • Excellent communication skills for working in multicultural teams and liaising with technical and non-technical audiences
  • Certifications or experience in relevant security technologies (e.g., Palo Alto Cortex XSOAR, Splunk, Microsoft SC-200, AWS Security Specialty)
  • Level 6 European Qualification Framework (Bachelor's degree or higher) for senior profiles
Job Responsibility
Job Responsibility
  • Define incident handling procedures, automation requirements, and playbook logic aligned with the needs
  • Prepare incident response workflows, automated enrichment steps, and technical documentation for standardized alert handling
  • Handle cybersecurity incidents from detection through escalation, containment, and resolution
  • Develop and maintain XSOAR playbooks, integrations, and automations across platforms such as Splunk, AWS, Azure Sentinel, Carbon Black Cloud, and Sysdig
  • Coordinate and review playbook updates, incident reports, and cross-team collaboration
  • Report key performance metrics, including FPTP rate, MTTH, escalation rate, automation coverage, time saved, and error reductions
  • Assist training analysts on playbook usage and incident response methods
  • Collaborate with CSIRC, CATCH analysts, infrastructure teams, and external stakeholders to validate playbook coverage and share threat intelligence.
What we offer
What we offer
  • Mobility options (including a company car)
  • Insurance coverage
  • Meal vouchers
  • Eco-cheques
  • Continuous learning opportunities through the Sopra Steria Academy
  • Participation in team events.
  • Fulltime
Read More
Arrow Right