Incident Analyst - Cyber Triage and Forensics

Atlanta, United States

Applications have closed

Mission Recruit

Mission Recruit is a woman- and minority-owned employment agency with a progressive approach to finding the right fit.


As a global leader in assurance, tax, transaction, and advisory services, the client is using their technology finance products, expertise, and systems they’ve developed to build a better working world. That begins with a culture that believes in giving employees the training, opportunities, and creative freedom to make things better. With a foundational commitment to hiring and developing the most passionate people, whenever you join their team, however long you stay, the exceptional experience and skills learned last a lifetime.


Industry: Technology/Finance

Location: Remote

Duration: Direct Hire

Shift: 1st Shift (Eastern Standard Time)


Job Summary

The Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response. The candidate will serve as an escalation point for suspected or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response best practices, performing malware analysis, identifying indicators of compromise, supporting or coordinating remediation of a security incident, and developing documentation to support the security incident response process.


Experience:

  • Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, or a related field
  • 5+ years' experience in incident response, computer forensic analysis, and/or malware reverse engineering
  • Understanding of security threats, vulnerabilities, and incident response
  • Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
  • Familiarity with the legalities surrounding electronic discovery and analysis
  • Experience with SIEM technologies (e.g., Splunk)
  • Deep understanding of both Windows and Unix/Linux based operating systems


Additional Preferred Experience:

  • Hold or be willing to pursue related professional certifications such as GCFE, GCFA, or GCIH
  • Background in security incident response in Cloud-based environments, such as Azure
  • Programming skills in PowerShell, Python, and/or C/C++
  • Understanding of the best security practices for network architecture and server configuration


Responsibilities:

  • Investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
  • Forensically analyze end-user systems and servers found to have possible indicators of compromise
  • Analyze artifacts collected during a security incident or forensic analysis
  • Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools
  • Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
  • Provide consultation and assessment on perceived security threats
  • Maintain, manage, improve and update security incident process and protocol documentation
  • Regularly provide reporting and metrics on case work
  • Resolve security incidents by identifying root causes and solutions
  • Analyze findings in investigative matters, and develop fact-based reports
  • Be on-call to deliver global incident response


Skills and attributes for success:

  • Resolve security incidents by identifying root causes and solutions
  • Analyze findings in investigative matters, and develop fact-based reports
  • Demonstrated integrity and judgment within a professional environment
  • Ability to appropriately balance work/personal priorities


What they look for:

  • Demonstrated integrity in a professional environment
  • Ability to work independently
  • Have a global mind-set for working with different cultures and backgrounds
  • Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
  • Excellent teaming skills
  • Excellent social, communication, and writing skills


Additional Benefits Info:

They offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Their Total Rewards package includes support for flexible working and career development. You can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings, and a wide range of discounts, offers, and promotions.

Plus, they offer:

  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that’s right for you

Tags: Azure C C++ Cloud Computer Science CTF Finance Forensics GCFA GCIH Incident response Linux Malware PowerShell Python Reverse engineering SIEM Splunk UNIX Vulnerabilities Windows

Perks/benefits: Career development Flex hours Health care

Region: North America
Country: United States