IT Cybersecurity Analyst (Incident Response & Investigation)
Posted 4 days ago by Central Business Solutions
Negotiable
Undetermined
Remote
Summary: The Cybersecurity Analyst (Incident Response & Investigation) is tasked with monitoring, detecting, analyzing, and responding to cybersecurity threats within enterprise environments. This role is pivotal in conducting comprehensive incident investigations, performing root cause analysis, and enhancing the organization's security posture. The position requires extensive experience in IT and cybersecurity, particularly in incident response. Strong communication and problem-solving skills are essential for effective stakeholder engagement and reporting.
Key Responsibilities:
- Lead end-to-end investigations from detection to recovery
- Perform forensic analysis and coordinate response
- Conduct RCA and recommend corrective actions
- Enhance playbooks and processes
- Monitor SIEM/SOAR tools and perform threat hunting
- Use EDR tools for investigations and containment
- Prepare reports and communicate findings
Key Skills:
- Bachelor’s Degree in Computer Science, Cybersecurity, MIS, or equivalent
- 7+ years in IT and Cybersecurity
- 3+ years in incident response and investigations
- Proven experience in RCA and end-to-end investigations
- Microsoft Sentinel, Defender, Entra ID, M365
- CrowdStrike Falcon experience
- SIEM, SOAR, EDR tools
- NIST, MITRE ATT&CK frameworks
- Strong problem-solving and communication skills
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Cybersecurity Analyst (Incident Response & Investigation)
Role Overview
The Cybersecurity Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across enterprise environments. This role plays a critical part in conducting end-to-end incident investigations, performing root cause analysis, and strengthening the organization’s overall security posture.
Key Responsibilities
Incident Response & Investigation:
• Lead end-to-end investigations from detection to recovery
• Perform forensic analysis and coordinate response
Root Cause Analysis & Continuous Improvement:
• Conduct RCA and recommend corrective actions
• Enhance playbooks and processes
Threat Monitoring & Hunting:
• Monitor SIEM/SOAR tools and perform threat hunting
Endpoint Security:
• Use EDR tools for investigations and containment
Stakeholder Communication:
• Prepare reports and communicate findings
Required Qualifications
• Bachelor’s Degree in Computer Science, Cybersecurity, MIS, or equivalent
• 7+ years in IT and Cybersecurity
• 3+ years in incident response and investigations
• Proven experience in RCA and end-to-end investigations
Required Skills & Expertise
Enterprise Security Platforms:
• Microsoft Sentinel, Defender, Entra ID, M365
• Alert triage, log analysis, access investigations
Endpoint Detection:
• CrowdStrike Falcon experience
• Threat hunting, behavioral analysis, containment
Security Operations:
• SIEM, SOAR, EDR tools
Frameworks:
• NIST, MITRE ATT&CK
Soft Skills:
• Strong problem-solving and communication
Preferred Qualifications
• Certifications: CISSP, CEH, GCIH
• Cloud security experience (Azure/AWS/Google Cloud Platform)
Success Criteria
• Reduced incident response time
• Improved security posture
• Enhanced automation and efficiency