Binary Defense

Cybersecurity Incident Response Analyst

Binary Defense

full-time

Posted on:

Location Type: Remote

Location: TexasUnited States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cyber SecurityFirewallsLinuxMacOSSplunk

About the role

  • Serve as an Incident Response (IR) Analyst supporting the Analysis on Demand (AoD) team.
  • Drive client meetings to discuss incident scope, investigative findings, and response updates while producing clear and detailed technical reports.
  • Conduct incident triage and verification, determine scope of compromise, perform threat hunting, and provide containment and remediation recommendations to customers.
  • Serve as a primary responder and point of contact during incident response engagements, supporting forensic investigation, analysis, and resolution of security incidents.
  • Work directly with clients to perform investigations, forensically analyze systems, and identify attacker activity across enterprise environments.
  • Analyze compromised systems to determine attack vectors, persistence mechanisms, lateral movement, and attacker techniques.
  • Identify attacker tools, tactics, and procedures (TTPs) and understand evolving threat actor behaviors.
  • Follow industry incident response best practices for containment, eradication, and recovery.
  • This position focuses on hands-on investigation and incident response, not alert monitoring or tier-1 SOC duties.
  • Must be familiar with incident response best practices and procedures.
  • Must have Windows-based incident response and computer forensics experience.
  • Must be familiar with network analysis, memory analysis, and digital forensics investigations.
  • Must possess excellent verbal and written communication skills, including the ability to present findings and recommendations to technical teams and leadership.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field, or equivalent practical experience.
  • Certification in one or more of the following preferred: GCIH, GCFE, GCFA, GREM, GNFA
  • 3–5+ years of hands-on cybersecurity investigation experience, including host forensics, network forensics, threat hunting, or incident response.
  • Experience supporting incident response investigations including analysis, containment, and remediation actions.
  • Demonstrated experience investigating active security incidents or confirmed compromises, including determining attack scope and identifying persistence mechanisms.
  • Experience performing host-based investigations using endpoint artifacts, logs, and forensic evidence to determine attacker activity and timeline of compromise.
  • Experience analyzing systems across Windows, macOS, or Linux environments.
  • Experience working with enterprise security technologies including EDR, SIEM, firewalls, IDS/IPS, vulnerability scanning, and network security tools.
  • Experience using digital forensics tools such as Volatility, Rekall, KAPE, Autopsy, or similar frameworks.
  • Experience working with SIEM platforms such as Splunk, Microsoft Sentinel, Devo, or Sumo Logic.
  • Experience working with EDR platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Carbon Black, FortiXDR, or similar solutions.
  • Strong experience using SIFT Workstation or similar digital forensics platforms.
  • Demonstrated knowledge of the MITRE ATT&CK Framework.
  • Ability to communicate investigative findings and strategies to technical teams, executive leadership, internal teams, and clients.
  • Strong analytical and problem-solving skills.
  • Comfortable working multiple concurrent investigations and adapting investigative approaches as new evidence is discovered.
  • Strong time management skills to balance multiple investigations and priorities.
  • Ability to lead clients in strategic conversations with strong executive presence.
  • Must be a U.S. Citizen residing in the continental United States.
Benefits
  • competitive medical, dental and vision coverage for employees and dependents
  • 401k match which vests every payroll
  • flexible and remote friendly work environment
  • training opportunities to expand your skill set
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
incident responseforensic investigationthreat huntinghost forensicsnetwork forensicsdigital forensicsWindows-based incident responsememory analysisattack vector analysisMITRE ATT&CK Framework
Soft Skills
verbal communicationwritten communicationanalytical skillsproblem-solving skillstime managementleadershipclient engagementstrategic conversationadaptabilityattention to detail
Certifications
GCIHGCFEGCFAGREMGNFA