RemoteLeaf Logo
Log in Sign up

Incident Response Analyst

1 week, 2 days ago
Czech Republic
Full-time
Mid Level
Security Analyst
Cybersecurity
Bash CrowdStrike Linux LLM macOS OpenSearch Python SIEM Splunk WAF Wireshark
Apply Now
Talentgrator

Talentgrator

Talentgrator specializes in providing recruitment services tailored specifically for the iGaming industry, connecting businesses with skilled professionals and helping job seekers find optimal employment opportunities.

Hotels, Restaurants & Leisure
11-50
Founded 2020
View All Jobs 35

Description

  • Work with WAF to analyze anomalous traffic, respond to web attacks, and fine-tune rules.
  • Investigate data leaks and policy violations using DLP and MDM tools, and collaborate with other teams on findings.
  • Monitor and triage SIEM alerts by analyzing events, classifying incidents, and prioritizing response.
  • Integrate new log sources into SIEM through normalization, parsing, and enrichment.
  • Develop and improve detection rules, correlation rules, and dashboards.
  • Reduce MTTR by identifying bottlenecks in response processes and implementing automation and runbooks.
  • Conduct security incident investigations by collecting artifacts, reconstructing timelines, and performing root cause analysis.
  • Lead investigations independently from alert to final report.
  • Participate in incident post-mortems and provide actionable recommendations.

Requirements

  • 3+ years of experience in Incident Response or Security Operations.
  • Hands-on experience with SIEM platforms such as Splunk, ELK/OpenSearch, Graylog, or similar.
  • Ability to read and interpret logs from Linux, Windows, macOS, network, application, and cloud sources.
  • Understanding of network protocols and traffic analysis tools such as Wireshark and Zeek.
  • Knowledge of attacker tactics and techniques, including MITRE ATT&CK, kill chain, IOC, and TTP.
  • Scripting skills for automation with Python or Bash.
  • Native Russian language skills for team communication.
  • Experience with SOAR platforms and building playbooks is preferred.
  • Experience with EDR/XDR solutions such as CrowdStrike or SentinelOne is preferred.
  • Experience with cloud logs such as AWS CloudTrail or GCP Audit Logs is preferred.
  • Participation in CTFs, red team / blue team exercises, or pentesting is preferred.
  • Experience integrating security tools via APIs and automating response using LLMs is preferred.
  • Basic understanding of integrating LLM-based tools.

Benefits

  • 25 vacation days and 5 family days per year.
  • Flexible start to the workday.
  • Support from a professional corporate coach and psychologist.
  • Regular internal and external activities, workshops, trips, and corporate events.
  • Access to an internal knowledge base, meetups, and team-building activities.
  • Ongoing training in new technologies and support for continuous professional development.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Signifyd

Risk Intelligence Analyst

Signifyd 251-1K IT Services

Signifyd is hiring a Risk Analyst to join its Risk Intelligence team, focusing on detecting fraud patterns, monitoring risk, and improving payment risk decisioning for e-commerce merchants worldwide.

Brazil Full-time Junior Data Analyst Security Analyst
Looker Machine Learning SQL
3 hours, 7 minutes ago
Tactacam

Security Analyst I

Tactacam 51-250 Household Durables

Tactacam is seeking a Security Analyst to monitor and respond to security threats across its digital infrastructure while supporting vulnerability management, remediation, documentation, and employee security awareness.

United States Full-time Junior Security Analyst
Cybersecurity Network Security SIEM
5 hours, 51 minutes ago
Capgemini

FBS Information Security Analyst (Remote)

Capgemini 100K+ Internet Software & Services

Farmers Information Security’s External Vendor Risk Assessment team is hiring an Information Security Analyst to support cybersecurity assessments of vendors and third parties, manage security risk reviews, and help protect company systems and data.

Mexico Brazil Full-time Senior Security Analyst
Cybersecurity
11 hours, 25 minutes ago
S

Information Security Specialist

SymSoft Solutions Web Design, Development, and System Integration

Symsoft Solutions is seeking a remote, six-month contractor to support state and local government digital services for California state agencies on a large IT project.

United States Contract Senior Security Analyst
$100k-$120k
19 hours, 11 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers