Cybersecurity Incident Response Analyst - REMOTE

Remote Full-time
Description: Binary Defense (BD) is seeking a talented Cybersecurity Incident Response Analyst to join our Analysis on Demand (AoD) team. This role focuses on hands-on investigation of cybersecurity incidents, threat hunting, and forensic analysis across endpoint, network, and cloud environments.

Position Overview
• Serve as an Incident Response (IR) Analyst supporting the Analysis on Demand (AoD) team.
• Drive client meetings to discuss incident scope, investigative findings, and response updates while producing clear and detailed technical reports.
• Conduct incident triage and verification, determine scope of compromise, perform threat hunting, and provide containment and remediation recommendations to customers.
• Serve as a primary responder and point of contact during incident response engagements, supporting forensic investigation, analysis, and resolution of security incidents.
• Work directly with clients to perform investigations, forensically analyze systems, and identify attacker activity across enterprise environments.
• Analyze compromised systems to determine attack vectors, persistence mechanisms, lateral movement, and attacker techniques.
• Identify attacker tactics, techniques, and procedures (TTPs) and understand evolving threat actor behaviors.
• Follow industry incident response best practices for containment, eradication, and recovery.
• This position focuses on hands-on investigation and incident response, not alert monitoring or tier-1 SOC duties.
• Must be familiar with incident response best practices and procedures.
• Must have Windows-based incident response and computer forensics experience.
• Must be familiar with network analysis, memory analysis, and digital forensics investigations.
• Must possess excellent verbal and written communication skills, including the ability to present findings and recommendations to technical teams and leadership.

Responsibilities
• Communicate and collaborate with internal and customer teams to investigate and contain incidents for escalated security events and investigations.
• Perform technical cybersecurity investigations including root cause analysis, threat identification, and remediation guidance.
• Conduct client-facing incident response engagements examining endpoint, network, and cloud-based sources of evidence.
• Schedule and lead video calls with clients for collaboration, investigation updates, and response coordination.
• Perform host-based forensic analysis including artifact analysis, memory analysis, log analysis, and timeline reconstruction.
• Conduct enterprise-scale artifact collection and analysis to identify attacker activity, persistence mechanisms, and lateral movement across multiple systems.
• Utilize Velociraptor artifacts and VQL (Velociraptor Query Language) to perform targeted endpoint investigations and collect forensic artifacts across enterprise environments.
• Investigate attacker activity using endpoint telemetry, system artifacts, authentication logs, and network evidence to reconstruct attack timelines.
• Analyze attacker behavior and intrusion activity to determine initial access, persistence mechanisms, privilege escalation, and lateral movement used during an incident.
• Recognize attacker tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) and apply them to current and future investigations.
• Support development of detections, hunting queries, and investigative methodologies based on findings from incident response engagements.
• Assist in creating and revising standard operating procedures, policies, processes, playbooks, and technical reports.
• Develop and present comprehensive reports, trainings, and presentations for both technical and executive audiences.
• Provide post-incident recommendations and security improvement guidance to strengthen detection capabilities and reduce future attack risk.
• Maintain professional knowledge by attending conferences, reviewing publications, writing blog posts, or participating in industry events.
• Stay current on emerging threats, countermeasures, and security technologies.
• Write technical documents and investigative reports.
• Operate effectively in a fast-paced and collaborative environment.
• Work remotely, receive direction, and operate as a self-starter.

Requirements:
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field, or equivalent practical experience.
• Certification in one or more of the following preferred: GCIH, GCFE, GCFA, GREM, GNFA.
• Experience working within a Security Operations Center (SOC) or Incident Response team.
• 3–5+ years of hands-on cybersecurity investigation experience, including host forensics, network forensics, threat hunting, or incident response.
• Experience supporting incident response investigations including analysis, containment, and remediation actions.
• Demonstrated experience investigating active security incidents or confirmed compromises, including determini
