Serve as key first tier (level 1 analyst) on-call resource for security escalations based on shifts schedule
Perform complexed investigations and phishing analysis as a part of Edwards active security monitoring and threat hunting operations within SLAs
Drive response and remediation actions to protect against security threats in Edwards environments and products
Support data ingestion tuning and data correlation operations
Drive improvements of our Detection Engineering operations by providing tuning recommendations and baselining detection use cases
Work closely with the Detection Response and Automation team to provide valuable feedback to improve our Incident Response processes
Staying informed on the evolving cybersecurity threat landscape to drive innovative investigations and improvements to drive Edwards’ security posture
As needed, participate in CIRT team efforts

Bachelor's Degree in related field with 2 years of previous related experience, or equivalent work experience based on Edwards criteria
Participation in information security incident handling efforts
Provide and build detailed investigation summary including documentation and recommended action items
Experience with SIEM solutions (Google SecOps, Splunk, Qradar etc)
Experience with SOAR platforms operations (Torq, PaloAlto XSOAR etc)
Certifications in related discipline preferred (e.g., CEH, CISM, CISSP)
Expert of security IR concepts, data tuning, SIEM, log sources and security frameworks (e.g. MITRE)
Knowledge of common attack vectors and methods
Knowledge of cloud security concepts
Scripting experience
Moderate understanding of troubleshooting techniques with the ability to adapt and learn new technologies
Proficient analytical and problem-solving abilities to identify and mitigate potential security risks
Good organization and time management skills
Good verbal and written communication skills and customer focused skills

Incident Response Analyst

Key skills