Talentgrator

Talentgrator specializes in providing recruitment services tailored specifically for the iGaming industry, connecting businesses with skilled professionals and helping job seekers find optimal employment opportunities.

Hotels, Restaurants & Leisure
11-50 employees
Founded 2020

Description

  • Work with the WAF to analyze anomalous traffic, respond to web attacks, and fine-tune rules.
  • Investigate data leaks and policy violations using DLP and MDM tools, and collaborate with other teams on findings.
  • Monitor and triage SIEM alerts by analyzing events, classifying incidents, and prioritizing response.
  • Integrate new log sources into SIEM through normalization, parsing, and enrichment.
  • Develop and improve detection rules, correlation rules, and dashboards.
  • Reduce mean time to respond (MTTR) by identifying bottlenecks in response processes and implementing automation and runbooks.
  • Conduct security incident investigations by collecting artifacts, reconstructing timelines, and performing root cause analysis.
  • Lead investigations independently from alert to final report.
  • Participate in incident post-mortems and provide actionable recommendations.

Requirements

  • 3+ years of experience in Incident Response or Security Operations.
  • Hands-on experience with SIEM platforms such as Splunk, ELK/OpenSearch, Graylog, or similar.
  • Ability to read and interpret logs from Linux, Windows, macOS, network, application, and cloud sources.
  • Understanding of network protocols and traffic analysis tools such as Wireshark and Zeek.
  • Knowledge of attacker tactics, techniques, and procedures (TTPs), the MITRE ATT&CK framework, the cyber kill chain, and indicators of compromise (IOCs).
  • Scripting skills for automation with Python or Bash.
  • Native Russian language skills for team communication.
  • Experience with SOAR platforms and building playbooks is preferred.
  • Experience with EDR/XDR solutions such as CrowdStrike or SentinelOne is preferred.
  • Experience with cloud logs such as AWS CloudTrail or GCP Audit Logs is preferred.
  • Participation in CTFs, red team / blue team exercises, or pentesting is preferred.
  • Experience integrating security tools via APIs and automating response with LLM-based tooling is preferred; at minimum, a basic understanding of how LLM-based tools are integrated.

Benefits

  • 25 vacation days and 5 family days per year.
  • Flexible start to the workday.
  • Support from a professional corporate coach and psychologist.
  • Regular internal and external activities, workshops, trips, and corporate events.
  • Access to an internal knowledge base, meetups, and team-building activities.
  • Ongoing training in new technologies and support for continuous professional development.
