Sr. Incident Response Analyst, Information Security

Tualatin, OR, US, 97062


The Group You’ll Be A Part Of

 

The Global Information Systems Group is dedicated to the success of Lam through providing best-in-class and innovative information system solutions and services. Together, we support users globally with data, information, and systems to achieve their business objectives.

The Impact You’ll Make

Lam Research seeks a Sr. Incident Response Analyst to lead technical responses to cybersecurity incidents and drive proactive security monitoring to protect Information Technology (IT) and Operational Technology (OT) infrastructure. This role ensures timely threat identification, containment, and remediation, guiding incidents through the full incident response lifecycle (detection to post-incident analysis). The Analyst will collaborate globally with regional teams, mentor junior responders, and enhance Lam’s security posture through process optimization and automation. The role reports to the Sr. Manager of Incident Response and requires expertise in incident management, threat detection tools, and cross-functional coordination.

 

What You’ll Do

  • Lead Incident Response: Manage complex incidents end-to-end through the lifecycle, from initial detection to post-incident review, ensuring alignment with organizational cybersecurity goals.
  • Tier 1 Mentorship: Provide escalation support for Tier 1 CSOC analysts, guiding containment strategies, investigation techniques, and resolution oversight.
  • Threat Intelligence: Research emerging threats, vulnerabilities, and exploit trends; apply findings to improve detection and response strategies.
  • Process Improvement: Lead automation initiatives, refine standard operating procedures (SOPs), and optimize workflows to reduce manual effort and improve efficiency.
  • Global Collaboration: Serve as a liaison between the CSOC and Incident Response Team, ensuring seamless cross-functional communication and information sharing.
  • CSOC Support: Contribute to on-call shift rotations and maintain continuous threat monitoring in fast-paced environments.
  • Post-Incident Analysis: Lead reviews to document lessons learned, recommend process enhancements, and strengthen overall security resilience.

Who We’re Looking For

 

Required Qualifications:

  • Experience:
    • 5+ years in Information Security, with 2+ years in a Security Operations Center (SOC).
    • Proven success leading incident response for complex cyber incidents across the full lifecycle.
    • Hands-on experience with SIEM platforms (e.g., Azure Sentinel, Splunk, QRadar) and security tools (e.g., Microsoft Defender, Cloud App Security).
  • Technical Expertise:
    • Proficiency in networking, firewalls, OS security (Windows/Linux), cloud computing, and information security best practices.
    • Strong understanding of endpoint security, DFIR, threat hunting, and intrusion detection/prevention.
    • Experience with Kusto Query Language (KQL), scripting (Python, PowerShell, Bash), and automation.
  • Skills:
    • Excellent verbal/written communication to translate technical details for diverse audiences.
    • Analytical problem-solving skills with creativity in investigative work.

Preferred Qualifications

  • Experience:
    • Global enterprise-scale (Fortune 500) or semiconductor manufacturing/high-tech industry exposure.
    • Familiarity with OT environments, penetration testing, malware analysis, or reverse engineering.
  • Technical Knowledge:
    • Advanced proficiency with Microsoft security tools (Defender for Endpoint, Azure Sentinel).
    • Cloud expertise (AWS, Azure, or GCP) and familiarity with ATT&CK frameworks or Cyber Kill Chain.
  • Certifications:
    • At least one of: Security+, CISSP, SANS GCIH or GMON, CEH, OSCP, or Azure Security Engineer.
  • Tools:
    • Experience with memory forensics tools (e.g., Volatility) or digital forensics software (e.g., Magnet AXIOM, FTK Imager).

Our Commitment

 

We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results.

Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Company's intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees.

Lam offers a variety of work location models based on the needs of each role. Our hybrid roles combine the benefits of on-site collaboration with colleagues and the flexibility to work remotely, and fall into two categories: On-site Flex and Virtual Flex. In ‘On-site Flex’, you’ll work 3+ days per week on-site at a Lam or customer/supplier location, with the opportunity to work remotely for the balance of the week. In ‘Virtual Flex’, you’ll work 1-2 days per week on-site at a Lam or customer/supplier location, and remotely the rest of the time.

 


Our Perks and Benefits



At Lam, our people make amazing things possible. That’s why we invest in you throughout the phases of your life with a comprehensive set of outstanding benefits. 


Tags: Automation AWS Azure Bash CEH CISSP Cloud CSOC Cyber Kill Chain DFIR Endpoint security Exploit Firewalls Forensics GCIH GCP Incident response Intrusion detection Linux Malware Monitoring OSCP Pentesting PowerShell Python QRadar Reverse engineering SANS Scripting Sentinel SIEM SOC Splunk Threat detection Threat intelligence Vulnerabilities Windows

Region: North America
Country: United States
