D&T Analyst I – Cyber Security, Incident Response

Role Overview

Key Responsibilities

• Monitor SIEM, SOAR, EDR, and security tools for threats and anomalies
• Investigate and contain incidents including malware, phishing, and intrusions
• Perform endpoint (Windows primarily) and network-based investigations
• Analyze malware in sandbox and forensic environments
• Escalate incidents per the Cybersecurity Incident Response Plan
• Meet defined containment and response SLAs

• Review peer investigations and recommend improvements
• Fine-tune detection rules and support SOAR automation
• Participate in incident retrospectives and reporting on trends
• Support process improvement, audits, and detection enhancements
• Collaborate across cyber and business teams

Must-Have Skills & Experience

• Ability to work in 24x7 rotating shifts
• 3–5 years of experience in Cyber Security / Incident Response
• Hands-on experience with SIEM, SOAR, EDR, and incident response tools
• Strong understanding of networking, IDS/IPS, firewalls, and protocols
• Knowledge of MITRE ATT&CK framework and cyber security principles
• Experience with Windows, Linux, and Mac OS investigations
• Deep understanding of phishing tactics and endpoint investigations
• Familiarity with forensic and malware analysis techniques
• Strong analytical, communication, and collaboration skills
• Certifications such as CEH, CySA+, ECIH
• Minimun: Graduation required