Job Description

Job Summary:

The Detection and Response Analyst will play a crucial role in maintaining the security posture of the organization by proactively identifying and responding to security threats. This position will involve in-depth analysis of security events, support development of detection mechanisms, and collaborate with cross-functional teams to enhance incident response capabilities. To excel in this role, the candidate must demonstrate a strong investigative mindset, technical agility, and knowledge of evolving cybersecurity threats.

Salary: 140-160k base + 10% bonus

Logistics: 100% Remote, US

Work Authorization: US Citizen and permanent residents, no sponsorship

Main Accountabilities:

• Threat Detection and Analysis: utilize advanced cybersecurity tools and technologies to detect and analyze security incidents.

• Conduct in-depth analysis of security alerts, identifying root causes and potential impacts.

• Support and contribute to development of detection strategies to identify emerging threats.

• Incident Response: Monitor security tools and dashboards and execute incident response activities, including containment, eradication, and advising on recovery.

• Collaborate with business, technology, and security teams to ensure timely and effective resolution of security incidents.

• Provide expertise in post-incident analysis and contribute to continuous improvement of detection and incident response processes.

• Stay current with industry trends and emerging technologies, recommending and helping implement new tools and sources of visibility as needed.

• Work closely with cross-functional teams, including IT, risk management, and others to align security efforts with organizational goals.

• Communicate complex security issues to both technical and non-technical stakeholders, providing clear and actionable recommendations.
  
  

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field. Relevant certifications (e.g., OSCP, CISSP, CEH) are highly desirable.

• 5+ years’ experience in cybersecurity operations, with a focus on threat detection and incident response.

• Proven experience with security information and event management (SIEM) systems.

• Proficient in using security tools such as IDS/IPS, firewalls, and endpoint protection tools.

• Cloud Incident Response experience.

• Strong scripting skills (e.g. Python, PowerShell) for automation and analysis.

• Exceptional analytical and problem-solving skills with keen attention to detail.

• Ability to work collaboratively in a team environment.