Senior Incident Response Analyst

Type:

Contract To Hire

Location:

Charlotte - North Carolina

Rate Info:

$60-85/hr

Work Model:

Hybrid

Published:

17-Feb-2026

Job ID:

41450

Optomi, in partnership with a leading cybersecurity-focused organization, is looking for a Senior Incident Response Analyst to join their maturing IR/SWAT team.

 

Position Summary:  

Optomi is seeking a senior-level Incident Response resource to support their rapidly evolving security program. This role will focus on triaging escalations, performing end-to-end investigations, and collaborating on containment and remediation efforts in a high-urgency environment. The team operates within a Microsoft-centric ecosystem, leveraging tools like Sentinel and Defender, and places a heavy emphasis on email security and phishing investigations. The successful candidate will possess strong analytical and investigative skills, as well as the ability to navigate and interpret data across various log sources.

What the right candidate will enjoy:
  • Opportunity to work with a small, multi-discipline team covering Incident Response, Threat Hunting, Threat Intelligence, and Detection Engineering.
  • Exposure to a maturing security program with evolving processes, SOPs, and tooling.
  • A collaborative and supportive team environment that values trust, humility, and curiosity.
  • Hybrid work environment with potential flexibility based on office space constraints.

What type of experience does the right candidate have:
  • Strong understanding of Microsoft ecosystem (Sentinel + Defender stack).
  • Ability to write and interpret basic KQL queries.
  • Experience with email security and phishing investigations, including mail flow, URL analysis, and determining spread/impact.
  • Proficiency in analyzing various log sources such as firewall, IDS/IPS, cloud telemetry, and proxy logs.
  • Analytical and critical thinking skills with the ability to perform investigative pivots.
  • Strong communication skills and a team-first mindset.

What the responsibilities of the right candidate are:
  • Triaging escalations from Tier 1 SOC and taking investigations end-to-end.
  • Collaborating on containment and coordinating remediation efforts with appropriate owners.
  • Analyzing and interpreting data to identify root causes and impacts of incidents.
  • Leveraging playbooks and decision trees for regulated-environment steps.
  • Supporting crisis communications and regulatory notifications during material incidents.
  • Contributing to the continued stabilization and maturity of the IR program.

Join Optomi and make an impact in a dynamic and evolving cybersecurity environment by applying your expertise to protect and secure critical systems and data.
