We are seeking a skilled Incident Response Analyst to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, analyzing, and responding to security incidents. This role requires a deep understanding of security threats, incident response processes, and the ability to work collaboratively across various teams to protect the organization’s information systems.
Continuously monitor security alerts and incidents using Security Information and Event Management (SIEM) tools and other monitoring solutions.
Analyze security events to identify anomalies and potential threats, escalating issues as necessary.
Investigate and respond to security incidents, coordinating containment and eradication efforts.
Conduct root cause analysis to understand the nature and scope of incidents and identify weaknesses.
Maintain detailed documentation of incidents, response actions, and lessons learned.
Prepare incident reports and presentations for management, highlighting key findings and recommendations.
Work closely with IT, network, and system administrators to implement security controls and ensure the integrity of systems.
Collaborate with legal and compliance teams to ensure adherence to regulations and reporting requirements.
Assist in the development and refinement of incident response plans, policies, and procedures.
Participate in post-incident reviews and recommend improvements to enhance the organization’s security posture.
Provide support in cybersecurity training and awareness programs for employees.
Assist in conducting tabletop exercises and simulations to test incident response effectiveness.
Technical Knowledge and Understanding:
Strong understanding of security principles, threat landscapes, and incident response methodologies.
Familiarity with regulatory requirements and compliance frameworks (e.g., NIST, ISO 27001).
Knowledge of scripting or programming languages (e.g., Python, PowerShell) for automation and analysis tasks preferred.
Familiarity with incident response frameworks and tools (e.g., the MITRE ATT&CK framework) preferred.
Experience:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field; relevant certifications are a plus.
3 years of experience in cybersecurity, with a focus on incident response and analysis.
Experience with SIEM tools (e.g., Splunk, ArcSight) and other security technologies (e.g., firewalls, intrusion detection/prevention systems).
Excellent analytical and problem-solving skills, with attention to detail.
Strong communication and interpersonal skills, capable of collaborating with both technical and non-technical stakeholders.
Ability to work under pressure and manage multiple priorities effectively.
Relevant certifications such as GCIH, CEH, or Security+ are highly desirable.
Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa for this position.
Must also be able to work a hybrid schedule in our Cincinnati or Dallas offices.
#LI-Hybrid