Talent.com
Information Security Operations Analyst / Incident Response & Forensics Specialist
Information Security Operations Analyst / Incident Response & Forensics SpecialistButler Recruitment Group • McFarland, WI, US
Information Security Operations Analyst / Incident Response & Forensics Specialist

Information Security Operations Analyst / Incident Response & Forensics Specialist

Butler Recruitment Group • McFarland, WI, US
job_description.job_card.1_day_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Job Description

Job Description

Information Security Operations Analyst / Incident Response & Forensics Specialist

Madison, Wisconsin, HYBRID REMOTE (Flexible work from home days available)

$110,000 to $140,000

Experience 5+ Years Required

The Information Security Operations Analyst / Incident Response & Forensics Specialist is a critical, hands-on role responsible for operating and maturing the organization's cybersecurity defense, detection, and response capabilities. This specialist serves as a high-level escalation point, bridging the gap between proactive threat intelligence and reactive incident management.

The primary focus is two-fold : leading the execution of the full incident response lifecycle (detection, containment, eradication, and post-incident analysis) and conducting comprehensive digital forensic investigations for security breaches, eDiscovery requests, and internal investigations (HR / Legal). The role requires deep technical proficiency, a strong analytical mindset, and the ability to operate under pressure while maintaining strict standards for evidence integrity and regulatory compliance.

Key Responsibilities

I. Incident Response & Threat Hunting (The Core Focus)

  • Lead Incident Response : Serve as the primary technical lead in responding to escalated and complex security incidents (e.g., advanced persistent threats, nation-state attacks, significant data breaches, and sophisticated phishing campaigns).
  • 24 / 7 Coordination : Coordinate and ensure the timely prioritization, triage, and response to cybersecurity alerts and incidents across a 24 / 7 operations environment.
  • Containment and Eradication : Execute highly technical containment strategies to limit the scope of an attack and lead the root cause analysis and eradication phase to ensure complete removal of adversary presence.
  • Threat Intelligence Integration : Continuously ingest, review, and analyze incoming threat intelligence feeds, applying best practices to inform proactive threat hunting campaigns using the MITRE ATT&CK framework.
  • Post-Incident Analysis : Create detailed, high-quality incident reports and after-action reviews to document findings, articulate technical concepts to non-technical stakeholders (including leadership), and identify opportunities for control enhancement.

II. Digital Forensics & Investigations

  • Forensic Investigations : Conduct advanced, forensically sound data collections, imaging, and analysis of compromised systems, volatile memory, cloud environments, and network data in support of active security incidents.
  • eDiscovery & Legal Support : Execute eDiscovery requests and support complex internal investigations led by Legal and Human Resources, ensuring strict maintenance of the chain of custody and evidence integrity in alignment with regulatory and organizational standards.
  • Tool Expertise : Utilize and maintain state-of-the-art forensic tools, such as Magnet Forensics Axiom Cyber , for deep-dive investigations.

    • III. Security Operations & Program Management

  • Tool Optimization : Maintain and optimize core security technologies, including SIEM (Splunk) , Extended Detection and Response (XDR) solutions (e.g., Microsoft Defender) , and vulnerability scanners, specifically focusing on alert tuning and detection engineering.
  • Risk Remediation : Review findings from penetration tests, vulnerability scans, and security control assessments to identify weaknesses and provide pragmatic recommendations for remediation and control gap closure.
  • Governance and Awareness : Contribute to the development and ongoing maintenance of security policies, standards, processes, and Incident Response Plans (IRPs). Develop and deliver targeted, high-impact security awareness content for the organization.

    • Required Experience and Qualifications

    Education & Experience

  • Bachelor's degree in Computer Science, Information System
    • serp_jobs.job_alerts.create_a_job

    Incident Response Analyst • McFarland, WI, US