Incident Response Analyst
Ra'anana, Israel
ZoomInfo
It’s our business to grow yours! Own your market with leading B2B contact data combined with sales intelligence, engagement software, and workflow tools. At ZoomInfo, we encourage creativity, value innovation, demand teamwork, expect accountability and cherish results. We value your take charge, take initiative, get stuff done attitude and will help you unlock your growth potential. One great choice can change everything. Thrive with us at ZoomInfo.
We are seeking a skilled Security Incident Response Analyst to join our dynamic team and help us safeguard our digital assets. As a leading Software-as-a-Service (SaaS) provider, we are committed to maintaining the highest standards of security and data protection. The ideal candidate will be responsible for detecting, responding to, and mitigating security incidents, as well as continuously improving our security posture.
Reports To: Director of Threat Detection & Response
Responsibilities:
- Incident Detection and Response: Monitor security alerts and events to identify potential security incidents. Respond promptly to security incidents, including containment, eradication, and recovery.
- Threat Analysis: Analyze security threats and vulnerabilities to determine their impact on the organization. Conduct root cause analysis to prevent future incidents.
- Forensic Investigation: Perform digital forensics to investigate security breaches and gather evidence. Document findings and provide detailed reports.
- Security Monitoring: Utilize security information and event management (SIEM) tools to monitor events and system logs for suspicious activity. Conduct threat hunts to proactively check for threats in our environment.
- Detection Engineering: Develop and maintain detection rules and signatures to identify malicious activity. Continuously improve detection capabilities by incorporating new threat intelligence and attack techniques.
- Automation: Automate tasks using low code/no code SOAR platforms to streamline workflows and improve efficiency.
- Collaboration: Work closely with IT, DevOps, and other teams to ensure timely resolution of security incidents. Provide guidance and support to improve security practices.
- Incident Reporting: Prepare and present incident reports to management and stakeholders. Maintain accurate records of incidents and actions taken.
- Continuous Improvement: Stay up-to-date with the latest security trends, threats, and technologies. Recommend and implement improvements to the incident response process.
Skills and Qualifications:
- Technical Expertise: Strong knowledge of cybersecurity principles, threat landscape, and attack vectors.
- Security Tools: Proficiency in using security tools and technologies, such as SIEM, XDR, EDR, SOAR, etc.
- Engineering Skills: Researching, building, testing, and deploying rules and searches that detect malicious activity.
- Analytical Skills: Excellent analytical and problem-solving skills. Ability to analyze complex security incidents and determine appropriate response actions.
- Certifications: Relevant certifications such as CEH or GIAC are preferred.
- Experience: Previous experience in a security incident response role, preferably in a SaaS environment.
About us:
ZoomInfo (NASDAQ: ZI) is the trusted go-to-market platform for businesses to find, acquire, and grow their customers. It delivers accurate, real-time data, insights, and technology to more than 35,000 companies worldwide. Businesses use ZoomInfo to increase efficiency, consolidate technology stacks, and align their sales and marketing teams — all in one platform.
ZoomInfo may use a software-based assessment as part of the recruitment process. More information about this tool, including the results of the most recent bias audit, is available here.
ZoomInfo is proud to be an Equal Opportunity Employer. We are committed to equal employment opportunities for applicants and employees regardless of sex, race, age, color, national origin, sexual orientation, gender identity, marital status, disability status, religion, protected military or veteran status, medical condition, or any other characteristic or status protected by applicable law. At ZoomInfo, we also consider qualified candidates with criminal histories, consistent with legal requirements.
Tags: Automation CEH DevOps EDR Forensics GIAC Incident response Monitoring SaaS SIEM SOAR Threat detection Threat intelligence Vulnerabilities XDR
Perks/benefits: Career development Team events