Incident Response Analyst

IDENTITY THEFT GUARD SOLUTIONS INC | Beaverton, Oregon, United States

About this position

Opportunity Overview

  

IDX is seeking an Incident Response Analyst to support clients preparing for and responding to cybersecurity incidents. In this role, you will analyze both existing and emerging threat actors, tools, tactics, and procedures (TTPs), and assist clients during fast-moving, high-impact security events.


To be successful, you must be able to work effectively under tight deadlines and communicate technical findings clearly to nontechnical stakeholders. If you are passionate about cybersecurity, digital investigations, and continuous learning, and bring sound business judgment, strong consulting skills, and current technical knowledge, this may be a great opportunity for you.


As an Incident Response Analyst, you will join the IDX Digital Forensics and Incident Response (DFIR) team, a group of highly skilled professionals supporting clients experiencing security incidents. This role focuses on conducting detailed threat analysis, supporting forensic investigations, and guiding clients through the incident response lifecycle from detection through remediation.


What Makes You a Great Fit


You are a cybersecurity professional developing your expertise in Digital Forensics and Incident Response. You have foundational experience supporting forensic analysis and investigations and are eager to deepen your skills by working alongside experienced practitioners on complex engagements.


You approach problems with curiosity and analytical rigor, communicate clearly under pressure, and take pride in delivering high-quality work. You are seeking a team that invests in your growth while providing meaningful client exposure from day one.


Role and Responsibilities

  • Investigate network intrusions and other cybersecurity incidents to determine root cause, scope, and impact
  • Perform host-based and network-based analysis across major operating systems and network device platforms
  • Conduct technical investigations, including forensic acquisition, triage, and artifact analysis
  • Produce clear, high-quality written reports and oral briefings based on investigative findings
  • Deploy and utilize security tools to support threat detection, containment, response, and remediation
  • Support Business Email Compromise (BEC) investigations and related threat analysis
  • Perform basic malware analysis and assist with the development of analysis procedures
  • Collaborate with senior team members, legal counsel, and clients throughout the incident response lifecycle
  • Contribute to internal practice development, documentation, and training initiatives
  • Participate in research and development efforts to stay current with forensic tools, techniques, and methodologies



Requirements

Education & Experience

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field; or equivalent practical experience and industry certifications.
  • 1–3 years of hands-on experience in digital forensics, incident response, or a related cybersecurity discipline.

Technical Skills

  • Experience with or exposure to EDR platforms such as CrowdStrike Falcon, SentinelOne, Sophos, or similar tools.
  • Familiarity with SIEM technologies for detection and threat hunting.
  • Experience with scripting and command-line tools (PowerShell, Python, Bash).
  • Familiarity with the MITRE ATT&CK framework.
  • Understanding of regulated data types and privacy considerations (e.g., PII, PHI).

Professional Attributes

  • Strong written and oral communication skills; comfortable providing briefings and presentations to both technical and nontechnical audiences.
  • Ability to solve problems in fast-paced situations and implement countermeasures.
  • Detail-oriented with a strong sense of accountability and follow-through.
  • Proactive, adaptable, and comfortable learning new tools, workflows, and processes.
  • Ability to provide after-hours support as needed during active incidents.

Desired Qualifications

  • Security-related certifications such as GCFE, GCFA, GCIH, GREM, CISSP, or CEH.
  • Experience with forensic tools such as Axiom, EnCase, FTK, X-Ways, or Eric Zimmerman utilities.
  • Experience with network analysis and intrusion detection tools.
  • Experience supporting incident response in a consulting, law firm, or managed services environment.

Expertise in all areas is not required. We value curiosity, a willingness to learn, and the ability to work collaboratively with team members to expand your knowledge and experience.


Growth and Development

  • Work directly with senior analysts and engagement leads on complex investigations including ransomware, BEC, and data breach matters.
  • Receive mentorship and regular feedback to accelerate your technical and consulting skills.
  • Access to professional development resources and certification support.

Other Information

  • This position reports to the VP of Incident Response
  • This position may require up to 5% travel
  • This role requires occasional work on nights and weekends during active incidents