Idaho Staffing
Incident Response Analyst
We are seeking a highly skilled Cybersecurity Incident Response Analyst with expertise in threat detection, incident handling, and operational security. The ideal candidate will have a proven track record as a member of an incident response team and the ability to integrate artificial intelligence and machine learning into security operations workflows to enhance detection, automation, and response capabilities. Key responsibilities include serving as a core member of the incident response team and performing cybersecurity analysis, incident detection, investigation, containment, eradication, and recovery; conducting root cause analysis, identifying attack vectors, and developing recommendations to prevent recurrence; developing and maintaining incident response playbooks and standard operating procedures; integrating AI/ML solutions into security operations center workflows to improve threat hunting, anomaly detection, and automated triage; using and optimizing security tools including Splunk, SentinelOne, Armis, and SNA for log analysis, endpoint detection, network monitoring, and asset visibility; collaborating with SOC engineers, threat hunters, and vulnerability management teams to ensure seamless security operations; providing after-action reports, threat intelligence integration, and executive briefings on incident trends; and staying current with evolving cyber threats, AI/ML advancements in security, and emerging incident response methodologies.
Required qualifications include eight to twelve years of relevant experience; a degree from an accredited college or university in the applicable field; a solid understanding of cybersecurity principles, attack vectors, malware analysis, network forensics, and digital evidence handling; a proven work history in incident response roles; hands-on experience with SIEM, EDR, and network security platforms; strong knowledge of AI/ML applications in security operations; familiarity with the MITRE ATT&CK framework, threat hunting techniques, and cyber kill chain concepts; the ability to work under pressure during active incidents and prioritize effectively in high-stress environments; and excellent communication skills for both technical and executive-level audiences.