Incident Response Analyst (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Incident Response Analyst (Cybersecurity): Supporting investigative, forensic, and containment activities for Managed Detection and Response (MDR) customers with an accent on alert triage, evidence collection, and documentation. Focus on building technical foundations in incident response under the guidance of senior analysts while neutralizing active cyber threats.
Location: Must have legal authorization to work in Australia
Company
is a global leader in next-generation cybersecurity, providing advanced protection to millions of users worldwide.
What you will do
- Assist with investigative and forensic analysis across endpoints, network logs, and cloud telemetry.
- Support containment and response actions to neutralize active threats under senior guidance.
- Triage and review alerts, indicators of compromise (IOCs), and artifacts to determine scope.
- Maintain accurate engagement documentation, including timelines and playbooks.
- Contribute technical findings to customer updates and post-incident reports.
- Participate in shift rotations, including weekends and holidays.
Requirements
- Must have legal authorization to work in Australia without sponsorship.
- 1-2 years of experience in a SOC, MDR, or security operations role.
- Foundational understanding of endpoint security, log analysis, and attack techniques.
- Familiarity with common threats like malware, credential theft, and ransomware.
- Ability to work effectively in high-pressure, time-sensitive environments.
- Strong written and verbal communication skills.
Nice to have
- Exposure to EDR, SIEM, or forensic collection tools.
- Familiarity with OSQuery, SQL, or KQL.
- Knowledge of MITRE ATT&CK and incident response frameworks.
- Industry certifications such as CompTIA Security+, GFACT, or GCIH.
Culture & Benefits
- Remote-first organizational culture.
- Mentorship and guidance from senior analysts for career progression.
- Opportunities to contribute to detection tuning and service improvement.
- Professional development in a high-stakes incident response environment.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →