Incident Response Analyst

• Work Setup: Hybrid (8–10 days onsite/month)
• Shift: Rotating (APAC / EMEA / WHEM)
• Schedule: Shifting (changes every 2 months) | Weekends/OT as needed

Job Summary

We are looking for an experienced Incident Response Analyst to handle end-to-end security incidents, from detection to remediation. This role focuses on threat analysis, incident handling, and continuous improvement of security operations.

• Provide Tier 2/3 incident response support across the full IR lifecycle
• Analyze security events using SIEM, IDS/IPS, EDR, and other tools
• Investigate, contain, and remediate security incidents
• Perform threat hunting and create detection rules for suspicious activities
• Support forensic investigations and root cause analysis
• Collaborate with global teams and provide incident reports and metrics
• Recommend improvements to detection and response processes

• 4–5 years of experience in Incident Response / Cybersecurity
• Strong experience in full IR lifecycle (Preparation → Recovery)
• Hands-on experience with:
• SIEM, log management, IDS/IPS, EDR
• Packet analysis and threat detection tools
• Knowledge of TCP/IP, DNS, and network security fundamentals
• Experience in malware analysis and threat hunting
• Familiarity with vulnerability tools (e.g., Qualys, Nessus)
• Strong analytical, problem-solving, and communication skills

• Certifications: GCIH, GCFE, GREM, CISSP, SSCP
• Experience in digital forensics (EnCase, FTK, Sleuth Kit, etc.)
• Experience creating detection rules and handling complex IR cases