[Remote] Incident Response Analyst (Remote)

Remote Full-time
Note: This is a remote job open to candidates in the USA. CrowdStrike is a global leader in cybersecurity, dedicated to stopping breaches with its advanced AI-native platform. The Incident Response Analyst will support the incident-response lifecycle, participate in complex initiatives, and conduct in-depth investigations to identify and respond to security threats across the organization.

Responsibilities
• Take ownership of security incidents detected by CSIRT; identify and recommend improvements to enhance workflows, tools, and response effectiveness
• Participate in escalated incidents by gathering and analyzing evidence from logs, endpoint telemetry, and threat-intel sources; perform and adapt investigative or containment actions from playbooks, such as host isolation or phishing email removal, and confirm remediation
• Conduct in-depth research on incident response related topics that support team operations and improve investigative capabilities
• Maintain clear documentation of investigative steps, evidence, decisions, and project progress to support transparency and knowledge sharing
• Identify gaps in detection coverage, workflows, or tooling, and collaborate on new detection logic, playbook refinements, and automation opportunities
• Contribute to the creation and maintenance of runbooks, knowledge articles, and other deliverables that strengthen CSIRT’s incident response capabilities

Skills
• Demonstrated experience performing incident response from escalation through resolution, leveraging multiple data sources and coordinating with cross-functional teams
• Proficiency with EDR platforms (e.g., Falcon), SIEM/SOAR technologies, and network forensics tools (e.g., Zeek, Suricata, Wireshark) to support deep investigations
• Advanced investigative skills, including host- and network-level log analysis, endpoint telemetry review, and use of threat intelligence to determine scope and impact
• Strong knowledge of Windows, macOS, and Linux internals, as well as digital forensics techniques for memory, disk, and network artifact analysis
• Proven ability to conduct in-depth research on topics that support team operations and improve investigative capabilities, and to translate findings into actionable outcomes
• Solid understanding of network protocols (HTTP/S, DNS, SMTP, SMB, Kerberos) and the ability to analyze packet captures
• Strong written and verbal communication skills, with the ability to present investigative findings and recommendations to both technical and non-technical stakeholders
• Experience conducting cloud-focused incident response in AWS, Azure, or GCP environments
• Ability to design and deliver scenario-based training to enhance investigative skills and operational readiness
• Advanced scripting or development experience (Python, PowerShell, Bash, or Perl) to create custom investigative tooling, automate complex data analysis, or integrate new data sources into investigative workflows
• Expertise as a SIEM power user, capable of executing advanced, investigation-driven searches, building specialized dashboards, and developing or refining high-fidelity detections
• Proven track record of publishing threat research, presenting at security conferences, or contributing to industry-wide knowledge sharing

Benefits
• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
• Vibrant office culture with world-class amenities
• Great Place to Work Certified™ across the globe

Company Overview
• CrowdStrike is a cybersecurity technology firm that provides cloud-delivered protection for cloud workloads, identity, and data. It was founded in 2011, and is headquartered in Sunnyvale, California, USA, with a workforce of 5001-10000 employees. Its website is http://www.crowdstrike.com.
