Job Closed
This listing is no longer active.
Winning combination of software products for iGaming
Incident Response Analyst – Middle
Location: Georgia
Posted: 72 days ago
Salary: 0
Seniority: Junior
Job Description
Incident Response Analyst – Middle
SOFTSWISS
- Upgrade SOC processes & response automation
- Respond to cybersecurity incidents
- Immerse yourself in the specifics of systems and processes to achieve a balance of security and performance
- Investigate security incidents and instigate remedial measures to address breaches
Job Requirements
- Hands-on practice analysing SIEM, EDR, IDS/IPS, and IRP/SOAR events
- Familiarity with SecOps processes, i.e., monitoring, triaging, investigating, and threat intelligence
- More than one year of experience as an information security engineer/analyst
- Strong investigative and analytical problem-solving skills
- Intermediate or higher English level
- Nice to have: Experience with ClickHouse, Splunk, Kafka, ELK, Graylog, etc.
- Strong Linux system administration experience
- Expertise in network, host, and cloud-based analysis and investigation
- Experience with AWS, Azure, GCP, k8s, Docker infrastructure, and familiarity with attacks on them
- A strong understanding of the attack pipelines (MITRE ATT&CK Framework, Cyber Kill-Chain)
- Familiarity with CI/CD, software development lifecycle, and Infrastructure-as-Code (Terraform/Ansible/etc)
- Proficiency in automation (Bash/PowerShell, Python)
- Experience with log collection, delivery, and normalization
- Strong knowledge of open-source endpoint and infrastructure security solutions, such as auditd, Sysmon, AppArmor, SELinux, etc.
- Fundamental static and dynamic malware analysis
- Offensive experience (penetration testing, red teaming)
Benefits
- Full-time work opportunities
- Private insurance
- An additional Day Off (1) per calendar year
- Sports program compensation
- Comprehensive Mental Health Programme
- Free online English lessons with native speakers
- Generous referral program
- Training, internal workshops, and participation in international professional conferences and corporate events
More Incident Response Analyst Jobs
Incident Management Supervisor
Peraton Corporation
Peraton Corporation, a national security company headquartered in Herndon, Virginia, supplies solutions for mission-critical programs and systems. Founded in 20
Responsibilities
Position Overview
The Incident Manager is responsible for the end-to-end leadership of the Incident Management function, overseeing a team of technicians who manage incidents, escalations, communications, and trend analysis for the enterprise. This role ensures timely service restoration, drives process maturity, and provides strategic oversight based on ITIL best practices. The ideal candidate has more than ten years of experience managing technical teams in complex IT environments and brings a proven ability to deliver operational excellence.
Key Responsibilities
Team Leadership & Operational Oversight
- Lead, coach, and develop a team of Incident Management technicians responsible for day-to-day incident handling.
- Ensure team members follow established processes for triage, escalation, communication, and documentation.
- Set performance expectations, conduct regular reviews, and support staff development and training needs.
- Oversee staffing, scheduling, and workload management to maintain consistent operational coverage.
Major Incident Command & Escalation Management
- Direct and coordinate the response to high-priority and major incidents, ensuring swift service restoration.
- Mobilize and guide cross-functional technical teams throughout the lifecycle of critical incidents.
- Serve as the primary authority for incident escalation decisions, communication strategy, and stakeholder updates.
- Validate that all actions, timelines, and decision points related to major incidents are captured accurately for follow-up.
Incident Quality, Documentation & Reporting
- Ensure thorough and accurate incident records across the team, meeting compliance, audit, and governance requirements.
- Oversee trend analysis efforts, identifying recurring issues and systemic problems based on incident data.
- Lead or coordinate post-incident reviews, ensuring effective root-cause analysis and corrective action planning.
- Produce and present recurring reports on incident volume, SLAs, team performance, and major incident metrics.
Process Governance & Continuous Improvement
- Own and mature the Incident Management process in alignment with ITIL v4 practices.
- Partner with Service Desk, Problem Management, Change Management, and technical support teams to drive workflow improvements.
- Identify and implement enhancements to tools, communication standards, and escalation pathways.
- Evaluate and refine SLAs, KPIs, and operational procedures to improve service reliability and reduce incident frequency.
Qualifications
Required Qualifications
- 6+ years of experience
- Strong background with ITIL frameworks and IT service management best practices.
- Demonstrated ability to lead major incident response efforts and coordinate multidisciplinary technical resources.
- Excellent communication skills with the ability to bridge technical and non-technical audiences.
- Strong organizational skills and the ability to perform in high-pressure, time-sensitive situations.
- Ability to obtain and maintain a DOE security clearance.
Preferred Qualifications
- Experience with enterprise ITSM platforms such as ServiceNow, Remedy, or Jira Service Management.
- Familiarity with root cause analysis methodologies and incident trend analysis.
- Experience transforming or maturing incident management processes in large, complex IT organizations.
- Bachelor's Degree preferred
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
cFocus Software seeks a Sr. Incident Response Analyst to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.
Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
- 7+ years of experience in a SOC, cybersecurity operations, or IT security role.
- Experience with SIEM tools (e.g., Splunk), EDR solutions, and log analysis.
- Understanding of networking concepts, operating systems, and cybersecurity principles.
- Familiarity with incident response processes and security monitoring tools.
Duties:
- Monitor security events and alerts using SIEM, SOAR, EDR, and other SOC tools in a 24/7/365 environment.
- Perform initial triage and analysis of security alerts to determine severity, impact, and validity.
- Identify and respond to potential security incidents including malware, phishing, unauthorized access, and anomalous behavior.
- Escalate confirmed or high-risk incidents to Tier 2/3 analysts and incident response teams.
- Document incidents, actions taken, and findings in ticketing systems (e.g., ServiceNow).
- Support continuous monitoring of network, endpoint, and cloud environments.
- Analyze logs from multiple sources (network, application, cloud, endpoint) to detect suspicious activity.
- Track and report on security incidents, including metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
- Assist in vulnerability monitoring, including tracking Known Exploited Vulnerabilities (KEVs) and reporting findings.
- Participate in incident response activities and support containment and remediation efforts.
- Follow standard operating procedures (SOPs) and playbooks for incident handling and escalation.
- Maintain situational awareness of emerging threats and vulnerabilities.
- Support shift handoffs and maintain clear communication across SOC teams.
- Contribute to SOC reporting, dashboards, and documentation.
Incident Response and Operational Recovery Analyst (1 position) (Home Based) - [Open to internal and external applicants]
UNDP
UN Women works for the elimination of discrimination against women and girls; the empowerment of women; and the achievement of equality between women and men as partners and beneficiaries of development, human rights, humanitarian action and peace and security.
Tiered Approach
In line with the commitment to safeguard capacity and support personnel already in the Organization, a majority of UNDP/UNCDF/UNV vacancies are advertised using a tiered application process whereby:
- Tier 0: UNDP/UNCDF/UNV IP staff holding permanent (PA) and fixed-term (FTA) appointments, whose posts will be abolished, or contracts will be terminated or not renewed during 2026.
- Tier 1: Other UNDP/UNCDF/UNV staff holding permanent (PA) and fixed-term (FTA) appointments
- Tier 2: UNDP/UNCDF/UNV staff holding temporary appointments (TA), personnel on regular PSA contracts, and Expert and Specialist UN Volunteers
- Tier 3 or no tier indicated: All other contract types from UNDP/UNCDF/UNV and other agencies, and other external candidates
Please make note of the Tier(s) indicated in the vacancy title, if any, and ensure that you satisfy the eligibility to apply.
Background
Diversity, Equity and Inclusion are core principles at UNDP: we value diversity as an expression of the multiplicity of nations and cultures where we operate, we foster inclusion as a way of ensuring all personnel are empowered to contribute to our mission, and we ensure equity and fairness in all our actions. Taking a 'leave no one behind' approach to our diversity efforts means increasing representation of underserved populations. People who identify as belonging to marginalized or excluded populations are strongly encouraged to apply. Learn more about working at UNDP including our values and inspiring stories.
UNDP does not tolerate sexual exploitation and abuse, any kind of harassment, including sexual harassment, and discrimination. All selected candidates will, therefore, undergo rigorous reference and background checks.
Job Purpose and Organizational Context
In 2025, the Conselho Nacional de Justiça (CNJ) and the United Nations Development Programme (PNUD/UNDP) entered into a partnership aimed at promoting innovation in cybersecurity for the Judiciary.
Project BRA/25/025, "Strengthening cybersecurity and transparency for the governance and effectiveness of the Judiciary", develops and implements tools and strategies to strengthen cybersecurity, digital preservation and information integrity, expanding the protection of the Judiciary's systems and users. The initiative strengthens institutional security and promotes transparency, good governance and the efficiency of judicial proceedings, contributing to resource savings and to a more agile justice system for the benefit of citizens and society.
To this end, project governance is divided into the following fronts:
Four cross-cutting coordination axes:
- General Coordination;
- Integrated monitoring and control unit;
- Technical and operational management unit;
- Training and communication unit.
Four work fronts, focused on:
- Regulatory compliance;
- Operational compliance;
- Network governance;
- Fostering a cybersecurity culture.
As this is a remote position, the candidate is expected to have adequate working conditions, including the infrastructure and equipment needed to fully carry out the activities.
Duties and Responsibilities
The Incident Response and Operational Recovery Analyst will be attached to the local institutional capacity-building unit (blue teams), which forms part of the work axis on fostering a cybersecurity culture. In this context, the analyst will be responsible for leading the technical response to security incidents and operational failures, acting from containment and mitigation through to the recovery of systems and services. The role involves technical analysis, post-incident documentation, collaboration with specialized teams and the continuous strengthening of resilience, prevention and operational readiness processes.
The professional will work in close coordination with the CNJ and UNDP teams, and the following indicative activities are planned:
1. Lead the technical response to incidents
a. Carry out rapid containment and effective mitigation of incidents.
b. Assess the criticality and operational impact of identified events.
c. Act in crisis situations, ensuring a coordinated technical response.
2. Analyze evidence and operational impacts
a. Analyze records, logs and technical evidence associated with incidents.
b. Assess impacts on systems, services and operations.
c. Inform the definition of corrective and preventive actions.
3. Work on operational recovery processes
a. Lead the restoration of affected systems and services.
b. Support the safe resumption of operations.
c. Validate the stability of environments after recovery.
4. Prepare post-incident documentation and records
a. Produce detailed incident timelines.
b. Prepare technical reports and institutional post-incident records.
c. Document lessons learned and improvement recommendations.
5. Integrate lessons learned and strengthen local institutional capacity building
a. Incorporate lessons learned into the processes and procedures of local institutions.
b. Contribute to the continuous improvement of response practices.
c. Collaborate on the evolution of standards, workflows and internal controls.
6. Support readiness, resilience and prevention
a. Support the definition of incident response routines and standards.
b. Participate in simulations and practical response and recovery exercises.
c. Contribute to strengthening prevention and containment processes.
7. Collaborate technically with specialized teams
a. Work together with the cybersecurity innovation laboratory in evaluating recovery tools.
b. Support technical communication with other areas during incidents.
c. Work in an integrated way with security, infrastructure and operations teams.
The incumbent performs other duties within their functional profile as deemed necessary for the smooth running of the project.
Institutional Arrangement
The person hired will be supervised by the project's General Coordination.
Competencies
- Achieve Results - LEVEL 1: Plans and monitors own work, pays attention to detail and delivers quality work on time.
- Think Innovatively - LEVEL 1: Open to creative ideas and known risks, is a pragmatic problem solver and makes improvements.
- Learn Continuously - LEVEL 1: Open-minded and curious, shares knowledge, learns from mistakes and asks for feedback.
- Adapt with Agility - LEVEL 1: Adapts to change, deals constructively with ambiguity and uncertainty, and is flexible.
- Act with Determination - LEVEL 1: Shows drive and motivation, stays calm in the face of adversity and is confident.
- Engage and Partner - LEVEL 1: Demonstrates compassion and understanding towards others, forming positive relationships.
- Enable Diversity and Inclusion - LEVEL 1: Values and respects differences, is aware of unconscious bias and confronts discrimination.
Cross-Functional and Technical Competencies
Business Direction and Strategy / Strategic Thinking: Develop effective strategies and prioritized plans aligned with UNDP's mission and objectives, based on a systemic analysis of challenges, opportunities and potential risks; link the big picture to the reality on the ground to create tangible, targeted solutions; learn from a variety of sources to anticipate and respond effectively to current and future trends; demonstrate foresight.
Business Direction and Strategy / Business Acumen: Ability to understand and deal with business situations in a manner that leads to good outcomes. Ability to make good decisions and quick judgements in such contexts. Knowledge and understanding of the organization's operational frameworks.
Business Development / Human-Centered Design: Ability to develop solutions to problems by involving the human perspective in all steps of the problem-solving process. Knowledge and understanding of the principles and practices of human-centered design.
Business Management / Project Management: Ability to plan, organize, prioritize and control resources, procedures and protocols to achieve specific goals.
Digital / Cybersecurity and Data Privacy Risk Management: Ability to anticipate, prepare for and respond to risks and issues that could result in data breaches, affecting UNDP's reputation and causing personal harm.
2030 Agenda: Peace / Rule of Law, Security and Human Rights: Effective Justice Sector Institutions.
2030 Agenda: Peace / Rule of Law, Security and Human Rights: Access to Justice.
Required Skills and Experience
Minimum education requirements:
- An advanced university degree (Master's or equivalent) in Information Technology, Computer Science, Computer Engineering, Software Engineering, Systems Analysis and Development, Data Science, Information Systems or related fields is required, or
- A first-level university degree (Bachelor's) in the fields mentioned above, combined with 2 (two) additional years of qualifying experience, will be given due consideration in lieu of the advanced university degree.
Minimum years of relevant professional experience:
- Candidates with an advanced university degree (Master's or equivalent) in a relevant field do not require professional experience.
- Candidates with a first-level university degree (Bachelor's) must have at least 2 (two) years of experience in information security, in responding to information security incidents or operational failures in critical environments, or in service containment, mitigation, recovery and resumption processes.
Desired skills, in addition to the competencies covered in the Competencies section:
- Experience in cybersecurity incident response and the handling of critical failures.
- Knowledge of log analysis, event investigation and scenario reconstruction.
- Experience with recovery and operational continuity processes.
- Experience in defensive security and risk analysis.
- Experience in hybrid environments and essential services is desirable.
Required languages:
- Fluency in Portuguese is required.
- A basic level of English is desirable.
Equal opportunity
As an equal opportunity employer, UNDP values diversity as an expression of the multiplicity of nations and cultures where we operate and, as such, we encourage qualified applicants from all backgrounds to apply for roles in the organization. Our employment decisions are based on merit and suitability for the role, without discrimination. UNDP is also committed to creating an inclusive workplace where all personnel are empowered to contribute to our mission, are valued, can thrive, and benefit from career opportunities that are open to all.
Sexual harassment, exploitation, and abuse of authority
UNDP does not tolerate harassment, sexual harassment, exploitation, discrimination and abuse of authority. All selected candidates, therefore, undergo relevant checks and are expected to adhere to the respective standards and principles.
Right to select multiple candidates
UNDP reserves the right to select one or more candidates from this vacancy announcement.
We may also retain applications and consider candidates applying to this post for other similar positions with UNDP at the same grade level and with similar job description, experience and educational requirements.
Scam alert
UNDP does not charge a fee at any stage of its recruitment process. For further information, please see www.undp.org/scam-alert.
(Part-Time): Cybersecurity Policy & Cyber Emergency Response Team (CERT) Subject Matter Expert (SME)
Hoplite Group
Mitigating Risk Through Incisive Analysis
Opportunity (Part-Time / Limited Duration): Cybersecurity Policy & Cyber Emergency Response Team (CERT) Subject Matter Expert (SME)
Bottom Line Up Front: Hoplite Group is seeking a Cybersecurity Policy & CERT SME to support a U.S. Government institutional capacity-building effort by providing expertise supporting the development of cyber policies, organizational structures, and Cyber Emergency Response Team (CERT) procedures, while facilitating engagements and validating processes through simulation-based activities.
Location: Remote support (CONUS) and forward engagements (OCONUS) as part of a U.S. Government team
Level of Effort:
- Non-Travel Months: 20 hours/month.
- Travel engagements: OCONUS 60-day TDY starting May 2026: approximately 160 hours/month.
- Post-Engagement: Remote support as needed.
Availability: Immediate
Objective: To support the development of cybersecurity policies, procedures, and organizational frameworks; support the establishment of CERT processes; and contribute to interagency coordination protocols and simulation-based validation of capabilities.
Required Qualifications:
- Executive-level professional experience performed at the O6/GS-15 (or equivalent) level, leading policy and plans development in complex military or government cyber environments.
- Proven ability to formulate and implement cyber policies and procedures that align with national security priorities, organizational goals, and evolving threat landscapes, leveraging geopolitical and technological awareness.
- Skilled in creating and executing cyber policies, frameworks, and campaign plans that align with broader military objectives, incorporating international and regulatory considerations.
- Interpersonal, briefing, and writing skills, with the ability to communicate complex cyber concepts and policies to diverse audiences, and to facilitate engagements in both in-person and virtual environments.
- Demonstrated capability in conducting human-centered design exercises, applying critical analysis, problem-solving, and scenario planning to complex cybersecurity challenges.
- Experience in building and managing a cybersecurity workforce within a government or military context.
- Experience in translating CERT procedures into clear, teachable, and actionable instructional content.
- 2 – 5 years of experience executing security cooperation/security assistance programs in the INDOPACOM AOR.
- U.S. Secret Security Clearance required.