Senior Incident Response Analyst

Join ABBYY and be part of a team that celebrates your unique work style. With flexible work options, a supportive team, and rewards that reflect your value, you can focus on what matters most – driving your growth, while fueling ours.

Our commitment to respect, transparency, and simplicity means you can trust us to always choose to do the right thing.

As a trusted partner for purpose-built AI and intelligent automation, we solve highly complex problems for our enterprise customers and put their information to work to transform the way they do business. Over 10,000 customers trust ABBYY, including many Fortune 500 ones. You will work on further developing a portfolio already containing client names such as DHL, Johnson & Johnson, FDA, DMV, PwC, KeyBank, Spotify, and H&R BLOCK.

We are seeking a highly capable and detail-oriented Incident Response Specialist with 4–6 years of experience in Information Security to join our growing Security Operations team. This role is critical to identifying, analyzing, and responding to security incidents across the organization. The ideal candidate will have a strong technical foundation in threat detection, log analysis, digital forensics, and cyberattack mitigation, and will play a key role in maintaining and maturing the organization's cyber defense posture.

Job Responsibilities:

Incident Handling & Response

• Detect, triage, investigate, and respond to security incidents involving malware, phishing, unauthorized access, data exfiltration, and advanced threats.
• Perform forensic analysis of host, network, and cloud artifacts to determine the root cause and scope of incidents.
• Execute and maintain incident response plans and playbooks; drive incidents through containment, eradication, and recovery phases.
• Collaborate with IT, application owners, legal, HR, and other stakeholders during investigations and post-incident activities.

Security Monitoring & Analysis

• Monitor alerts from SIEM, EDR, IDS/IPS, and other telemetry sources.
• Analyze event data and security logs from diverse sources (firewalls, endpoints, email gateways, cloud platforms, etc.).
• Tune detection rules and refine use cases to reduce false positives and improve signal-to-noise ratio.
• Identify indicators of compromise (IOCs) and contribute to detection engineering efforts.

Threat Intelligence & Hunting

• Leverage internal and external threat intelligence to contextualize incidents and stay ahead of evolving adversary tactics.
• Participate in proactive threat hunting based on behavioral anomalies, threat hypotheses, and data correlation.
• Map observed activity to frameworks such as MITRE ATT&CK and contribute to knowledge base documentation.

Documentation & Reporting

• Maintain detailed records of incidents, investigation steps, findings, and resolutions.
• Prepare executive summaries and technical reports post-incident.
• Participate in after-action reviews and suggest improvements to response processes and capabilities.

Job Requirements:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related technical discipline (or equivalent experience).
• 4–6 years of experience in Information Security, with at least 2 years in an incident response or SOC analyst role.
• Proficiency with security monitoring and incident investigation tools such as:
  • SIEMs (e.g., Splunk, Sentinel, QRadar)
  • EDR/XDR (e.g., CrowdStrike, SentinelOne, Defender)
  • Packet Analysis (e.g., Wireshark)
  • Log Aggregation and Correlation Tools
• Strong knowledge of TCP/IP, operating systems (Windows, Linux), and security event logging.

Preferred Certifications

• GIAC Certified Incident Handler (GCIH)
• Certified Cybersecurity Analyst (CySA+)
• EC-Council Certified Incident Handler (ECIH)
• Security+, CEH, or other industry-recognized certifications
• SANS FOR508 / FOR572 (a plus)

Here are some of our local benefits:

• Work from home, remotely, or hybrid
• Partial compensation for glasses and lenses
• Private health insurance
• Volunteering Time Off (2 days/ year)
• SZÉP Card for recreational activities
• 3 extra days/ month for 'sick leave' without doctors visit
• Flexible working hours

Join ABBYY, and you will:

Love how you work

• We provide remote and hybrid working options to fit all lifestyles.
• We use flexible hours across most of our teams to allow you to find your own definition of balance.
• Encouraging a culture of giving, we provide two paid volunteering days off every year so you can take time to contribute to the causes you care about.
• To ensure your family is cared for, we offer paid parental leave in all our locations.

Love whom you work with

• We are a global team of 600+ colleagues, spread across 15 countries on four continents.
• With colleagues representing 30+ nationalities, our workforce reflects the world.
• Innovation and excellence run through our veins. Our teams gather the expertise which has garnered ABBYY more than 140 technology patents.
• We are guided by the values of respect, transparency, and simplicity.
• "Team Environment" is in the top three highest-scoring drivers of engagement across all of our departments.

Love what you work on

• We are a company with more than 35 years of experience in the technology market;
• Over 10,000 customers trust ABBYY, including many Fortune 500 ones, with names such as DHL, Johnson & Johnson, FDA, DMV, PwC, KeyBank, Spotify, and H&R BLOCK;
• We have modernized the capture market by creating the first low-code/no-code IDP platform.
• Our Machine Learning, Natural Language Processing, Computer Vision Technologies, and a marketplace built with AI, can transform any document in any process;
• Top Analyst firms recognize ABBYY's market leadership, including Gartner, Everest PEAK Matrix ® Assessment, ISG Intelligent Automation Lens, and NelsonHall, amongst others.

ABBYY is an Equal Employment Opportunity employer that values the strength that diversity brings to the workplace. To learn more about our commitment to Diversity and Inclusion, check out the careers section on our website.