Security Analyst - Incident Response

Position Overview:

Seeking a Security Analyst to join our Security Operations Center (SOC), focusing on incident response and threat detection. This role involves working with enterprise SIEM platforms, EDR solutions, and incident management tools to protect IBKRs global trading infrastructure.

Key Responsibilities:

• Triage and investigate security alerts using SIEM/EDR tools
• Execute incident response playbooks
• Perform malware analysis and IOC identification
• Create incident tickets and maintain documentation
• Conduct initial forensic data collection
• Support security event correlation and analysis
• Monitor suspicious endpoint activities
• Participate in 24x7 incident response coverage

Required Technical Skills:

• Experience with SIEM (Splunk/QRadar)
• EDR platforms (CrowdStrike/Carbon Black)
• Incident ticketing systems (ServiceNow/JIRA)
• Windows/Linux log analysis
• Network traffic analysis
• Malware detection tools
• IOC collection and analysis
• Basic forensic tools

Required Experience:

• 2-3 years SOC/IR experience
• L1/L2 alert analysis background
• Experience with incident playbooks
• Exposure to MITRE ATT&CK framework
• Understanding of kill chain methodology
• Basic threat intelligence usage

Technical Environment:

• SIEM platforms
• EDR solutions
• TIP platforms
• Forensic tools
• Network monitoring tools
• Vulnerability scanners
• Incident management systems

Work Requirements:

• Rotating shifts (24x7 SOC)
• Incident response handling
• Alert triage and escalation
• Documentation and reporting
• Team collaboration

Growth Path:

• Advanced IR certification support
• Threat hunting training
• Digital forensics exposure
• Technical skill development
• Senior analyst progression