Cyber Incident Analyst

. Cyber Incident Response and event management .

Posted 5/20/2026full-timeRemote • 🇵🇹 PortugalMid-LevelSeniorWebsite

Tools & technologies

AssemblyCyber SecurityGoLinuxMacOSPython

Key responsibilities & impact

Cyber Incident Response and event management
Contributing to the response efforts for security incidents, managing triage, containment, documentation, and the reporting process.
Contribute to the Cyber Incident Response process from a technical perspective and provide effective management of all cyber incidents.
Supporting the Incident Manager in driving post-incident reviews.
Collaborate with global stakeholders in technical conversations, to align response efforts and communicate effectively across technical audiences during incidents.
Leverage Incident Analysis context to help identify gaps and improve detection and response capabilities by fine-tuning use cases, developing automation, and documenting processes.
Respond to the incident and manage the tickets end to end with a good quality.
Conduct host and network investigations to detect and mitigate malicious activities using tools like Sysinternals, Wireshark, and TCPDump.
Log analysis across OS, web applications, network devices, and security tools (e.g., Anti-malware, EDR, IDS, WAF, DLP).
Research and Intelligence Gathering: Proficiency in OSINT tools like Shodan and VirusTotal.

What you’ll need

3+ years of experience in cybersecurity or similar related disciplines, with a minimum of 2 years in a SOC or incident response role, although candidates with Cyber Security know-how and able to demonstrate essential skills, may be considered.
Relevant advanced certifications (e.g., GCIA, GSEC, CEH, GCDA, GCIH, GCFA, OSCP) are highly desirable but not essential.
Proven self-learning abilities demonstrated through research, GitHub projects, bug hunting, active participation in public cybersecurity forums, or high scores on platforms like HTB, Immersive Labs, TryHackMe, and SANS CTF is desirable.
Good experience in query languages like KQL and Logscale for investigations and log analysis is highly desirable.
Some programming experience for example, C, Python, Go, and/or other languages desirable.
Assembly language knowledge is a plus but not essential is desirable.
Experience in User-Interface/User-Experience (UI/UX) design and development is desirable but not essential.
Development and deployment of dockerized applications, desirable but not essential.
Experience with multiple platforms (Linux, MacOS, mobile, etc).
A background in intelligence is a plus.
Knowledge of scripting languages is desirable (e.g., Bash, Python, PowerShell) for automation and process improvement.

Comp & perks

Flexible working arrangement: Remote working with occasional in person team building activities
Collaborative Culture : Experience a supportive and inclusive work environment that values teamwork and innovation. We believe in open communication and knowledge sharing, ensuring that every team member feels empowered and valued.
Work-Life Balance : We understand the importance of maintaining a healthy work-life balance. Our flexible working arrangements and supportive policies enable you to excel in your role while enjoying your personal life.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurityincident responselog analysisquery languagesKQLLogscaleprogrammingCPythonGo

Soft Skills

self-learningcollaborationcommunicationproblem-solvingdocumentation

Certifications

GCIAGSECCEHGCDAGCIHGCFAOSCP