Senior Incident Response Analyst – Cloud (AWS/Azure, Wiz)
Location: Remote (U.S.-based)
Type: Full-time | No sponsorship available
Compensation: Base + 8% annual performance bonus
On-call: Required on rotation
About the Role
We’re seeking a Senior Incident Response Analyst with strong cloud and on-prem security experience to lead investigation, containment, and remediation of security incidents across complex enterprise environments. You’ll help strengthen the company’s security posture by identifying vulnerabilities, analyzing threats, and developing scalable defensive measures across AWS and Azure ecosystems.
Key Responsibilities
- Lead and execute end-to-end incident response activities, including triage, investigation, containment, eradication, and post-incident analysis.
- Develop and maintain automated scripts, detection logic, and playbooks for consistent and scalable response.
- Review configurations of production systems and networks against internal and industry security standards.
- Conduct forensic analysis of logs, network traffic, and host data to identify attack vectors and root causes.
- Collaborate with Security Architects, Engineers, and IT stakeholders to coordinate remediation and hardening measures.
- Integrate threat intelligence and monitoring services into internal CIRT workflows.
- Support enterprise security audits, compliance checks, and security service reviews.
- Prepare post-incident reports and present findings to technical and non-technical stakeholders.
Required Qualifications
- 4–6 years of experience in incident response or security operations, including both on-prem and cloud environments.
- Strong hands-on experience with AWS and Azure security services.
- Solid understanding of TTPs, IOCs, and modern attack methodologies.
- Experience with endpoint and detection response (EDR) tools such as CrowdStrike or Microsoft Defender.
- Familiarity with network and infrastructure security — routers, switches, firewalls, etc.
- Excellent analytical, problem-solving, and communication skills.
- Bachelor’s degree in Computer Science, Engineering, Information Security, or equivalent experience.
Preferred Qualifications
- Experience with Wiz or Wiz Defend for cloud posture management.
- Certifications such as SANS GIAC GSEC, GCIA, GCIH, or equivalent (CISSP, CEH, CompTIA Security+).
- Prior experience supporting healthcare or other regulated environments.
What You’ll Bring
- A proactive mindset with strong situational awareness and curiosity about threat behavior.
- Ability to operate independently under pressure while maintaining accuracy and composure.
- Collaborative energy to work cross-functionally with technical and business teams to drive quick, effective incident resolution.
