Talent.com
Information Security Operations Analyst / Incident Response & Forensics Speci
Information Security Operations Analyst / Incident Response & Forensics SpeciKnowHireMatch • Madison, WI, US
serp_jobs.error_messages.no_longer_accepting
Information Security Operations Analyst / Incident Response & Forensics Speci

Information Security Operations Analyst / Incident Response & Forensics Speci

KnowHireMatch • Madison, WI, US
job_description.job_card.variable_hours_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Information Security Operations Analyst / Incident Response & Forensics Specialist

Madison, Wisconsin, HYBRID REMOTE (Flexible work from home days available)

$110,000 to $140,000

Experience 5+ Years Required

The Information Security Operations Analyst / Incident Response & Forensics Specialist is a critical, hands-on role responsible for operating and maturing the organization's cybersecurity defense, detection, and response capabilities. This specialist serves as a high-level escalation point, bridging the gap between proactive threat intelligence and reactive incident management.

The primary focus is two-fold : leading the execution of the full incident response lifecycle (detection, containment, eradication, and post-incident analysis) and conducting comprehensive digital forensic investigations for security breaches, eDiscovery requests, and internal investigations (HR / Legal). The role requires deep technical proficiency, a strong analytical mindset, and the ability to operate under pressure while maintaining strict standards for evidence integrity and regulatory compliance.

Key Responsibilities

I. Incident Response & Threat Hunting (The Core Focus)

  • Lead Incident Response : Serve as the primary technical lead in responding to escalated and complex security incidents (e.g., advanced persistent threats, nation-state attacks, significant data breaches, and sophisticated phishing campaigns)
  • 24 / 7 Coordination : Coordinate and ensure the timely prioritization, triage, and response to cybersecurity alerts and incidents across a 24 / 7 operations environment
  • Containment and Eradication : Execute highly technical containment strategies to limit the scope of an attack and lead the root cause analysis and eradication phase to ensure complete removal of adversary presence
  • Threat Intelligence Integration : Continuously ingest, review, and analyze incoming threat intelligence feeds, applying best practices to inform proactive threat hunting campaigns using the MITRE ATT&CK framework
  • Post-Incident Analysis : Create detailed, high-quality incident reports and after-action reviews to document findings, articulate technical concepts to non-technical stakeholders (including leadership), and identify opportunities for control enhancement

II. Digital Forensics & Investigations

  • Forensic Investigations : Conduct advanced, forensically sound data collections, imaging, and analysis of compromised systems, volatile memory, cloud environments, and network data in support of active security incidents
  • eDiscovery & Legal Support : Execute eDiscovery requests and support complex internal investigations led by Legal and Human Resources, ensuring strict maintenance of the chain of custody and evidence integrity in alignment with regulatory and organizational standards
  • Tool Expertise : Utilize and maintain state-of-the-art forensic tools, such as Magnet Forensics Axiom Cyber, for deep-div-investigations

    • III. Security Operations & Program Management

  • Tool Optimization : Maintain and optimize core security technologies, including SIEM (Splunk), Extended Detection and Response (XDR) solutions (e.g., Microsoft Defender), and vulnerability scanners, specifically focusing on alert tuning and detection engineering
  • Risk Remediation : Review findings from penetration tests, vulnerability scans, and security control assessments to identify weaknesses and provide pragmatic recommendations for remediation and control gap closure
  • Governance and Awareness : Contribute to the development and ongoing maintenance of security policies, standards, processes, and Incident Response Plans (IRPs). Develop and deliver targeted, high-impact security awareness content for the organization

    • Requirements

    Required Experience and Qualifications

    Education & Experience

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or equivalent combination of education and / or 5 or more years of progressively responsible professional work experience in security operations, incident response, or digital forensics
  • Experience in a highly regulated industry is strongly preferred (e.g., Financial Services, Insurance)
  • Experience supporting law enforcement or external regulatory body investigations is preferred

    • Technical Expertise

  • Deep, hands-on experience executing the full Incident Response lifecycle (preparation, identification, containment, eradication, recovery, and lessons learned)
  • Demonstrated proficiency with Security Information and Event Management (SIEM) tools like Splunk for advanced log analysis and correlation rule creation
  • Expertise utilizing Endpoint Detection and Response (EDR) / XDR platforms (e.g., Microsoft Defender) for threat hunting and incident containment
  • Proven experience with digital forensic tools and methodologies, specifically including Magnet Forensics Axiom Cyber or equivalent platforms
  • In-depth knowledge of attacker Tactics, Techniques, and Procedures (TTPs) and the MITRE ATT&CK framework
  • Proficiency with scripting languages (e.g., Python, PowerShell) for automation of investigative tasks and data analysis is a plus

    • Professional Skills

  • Exceptional verbal and written communication skills with a proven ability to translate complex technical findings into clear, concise reports for both technical and non-technical executive audiences
  • Demonstrated analytical and critical thinking skills with the ability to manage high-stress, high-impact security incidents
  • Proven ability to work collaboratively across diverse teams (IT, Legal, HR, Business Units) and provide consulting and mentorship to junior team members

    • J-18808-Ljbffr

    serp_jobs.job_alerts.create_a_job

    Incident Response Analyst • Madison, WI, US

    Job_description.internal_linking.related_jobs
    Remote Financial Analyst - AI Trainer

    Remote Financial Analyst - AI Trainer

    Data Annotation • Janesville, Wisconsin
    serp_jobs.filters.remote
    serp_jobs.job_card.full_time +1
    We are looking for a finance professional to join our team to train AI models.You will measure the progress of these AI chatbots, evaluate their logic, and solve problems to improve the q...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Senior Threat Analyst

    Senior Threat Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a Senior Analyst II (FNSS) to support intelligence requirements and client deliverables in a remote setting. Key Responsibilities Support client deliverables and produce q...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Senior Incident Response Consultant

    Senior Incident Response Consultant

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a Senior Incident Response Consultant to support the incident response lifecycle and enhance detection capabilities for clients. Key Responsibilities Conduct forensic inve...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Information Security Awareness Lead

    Information Security Awareness Lead

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for an Information Security Awareness Lead to design and deliver security awareness initiatives.Key Responsibilities Develop and execute a multi-year security awareness train...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Security & Risk Analyst

    Security & Risk Analyst

    American Family Insurance • Madison, WI, United States
    serp_jobs.job_card.full_time
    This position analyzes security, threats, risks and exposures, determines the causes of security deviations and suggests procedures to halt future incidents and improve security.Collaborates cross ...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Cyber Security Analyst

    Cyber Security Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a Cyber Security Analyst.Key Responsibilities Monitor and analyze security events using SIEM tools and threat intelligence platforms Investigate and respond to security ...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Information Security Operations Analyst / Incident Response & Forensics Speci

    Information Security Operations Analyst / Incident Response & Forensics Speci

    Knowhirematch • Madison, WI, US
    serp_jobs.job_card.full_time
    Information Security Operations Analyst / Incident Response & Forensics Specialist.Madison, Wisconsin, HYBRID REMOTE (Flexible work from home days available). Information Security Operations Ana...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Security Incident Response

    Security Incident Response

    Lincoln Financial • Madison, WI, US
    serp_jobs.job_card.full_time
    Remote : Work at home employee residing outside of a commutable distance to an office location.This position continuously monitors the alert queue. investigates security alerts; monitors health of ...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Information Security Engineer

    Information Security Engineer

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for an Information Security Engineer III.Key Responsibilities Monitor cybersecurity devices and investigate events and incidents Escalate or mitigate incidents and conduct c...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Information Security Manager

    Information Security Manager

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for an Information Security Manager to oversee security operations and ensure compliance with federal standards. Key Responsibilities : Develop and implement security policies,...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    IAM Security Architect

    IAM Security Architect

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for an IAM and Security Services Architect.Key Responsibilities Define IAM and security services architecture roadmap, standards, and reference models Architect identity sol...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Information Security Analyst

    Information Security Analyst

    CapSpecialty • Middleton, WI, United States
    serp_jobs.job_card.full_time
    serp_jobs.filters_job_card.quick_apply
    This is a hybrid position requiring 3 days in office at our Middleton, WI.At CapSpecialty, we are a specialty underwriting company being driven by well-informed, entrepreneurial and proactive emplo...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days
    SOC Analyst

    SOC Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a SOC Analyst to review data and identify anomalies for further investigation.Key Responsibilities Review data to identify anomalies requiring further investigation Perf...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Remote Senior Financial Analyst - AI Trainer

    Remote Senior Financial Analyst - AI Trainer

    Data Annotation • Beloit, Wisconsin
    serp_jobs.filters.remote
    serp_jobs.job_card.full_time +1
    We are looking for a finance professional to join our team to train AI models.You will measure the progress of these AI chatbots, evaluate their logic, and solve problems to improve the q...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Security Analyst

    Security Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a Security Analyst to enhance the protection of its systems, networks, and applications.Key Responsibilities Monitor security dashboards, alerts, and logs; assist in tria...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Information Security Operations Analyst / Incident Response & Forensics Specialist

    Information Security Operations Analyst / Incident Response & Forensics Specialist

    Butler Recruitment Group • McFarland, WI, US
    serp_jobs.job_card.full_time
    Information Security Operations Analyst / Incident Response & Forensics Specialist.Madison, Wisconsin, HYBRID REMOTE (Flexible work from home days available). Information Security Operations Ana...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Senior Threat Intelligence Analyst

    Senior Threat Intelligence Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a Senior Threat Intelligence Analyst.Key Responsibilities Act as a threat intelligence subject matter expert in areas such as malware analysis, exploit / vulnerability anal...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_30 • serp_jobs.job_card.promoted
    Fraud Operations Analyst

    Fraud Operations Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for a Fraud Operations Analyst.Key Responsibilities Monitor real-time transactions and customer behaviors flagged for fraud and abuse Investigate transactions to determine t...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Senior Insider Threat Analyst

    Senior Insider Threat Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    Key Responsibilities Identify and respond to insider threat security events Analyze alerts from DLP, UEBA, and other monitoring tools to detect anomalous activity Develop insider threat use cas...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted
    Identity Security Analyst

    Identity Security Analyst

    VirtualVocations • Madison, Wisconsin, United States
    serp_jobs.job_card.full_time
    A company is looking for an Identity Security Analyst (Contract).Key Responsibilities Triage, analyze, and respond to identity hygiene issues and defects in ISPM platforms Coordinate with assura...serp_jobs.internal_linking.show_more
    serp_jobs.last_updated.last_updated_variable_days • serp_jobs.job_card.promoted