
Incident Response Analyst Team Lead at Thrive

Location Information: United States - Remote

About Us

Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers. Thrive is on the lookout for individuals who don’t view their weekdays spent at “a job” but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!!

Position Overview

With a growing client base, Thrive is expanding its security team. We are looking for an experienced Incident Response Analyst Team Lead to join our Cyber Security Incident Response Team. This pivotal role involves leading incident response efforts, mentoring analysts, and continuously improving our customers' security posture by preventing, detecting, analyzing, and responding to cybersecurity incidents using cutting-edge technology and robust processes.

The ideal candidate will bring a blend of leadership, deep technical expertise, and a passion for incident response and forensics. They will play a key role in handling high-priority incidents, refining incident response processes, and mentoring team members to ensure operational excellence.

Primary Responsibilities

- Provide mentorship, coaching, and guidance to SOC Analysts and Incident Response Analysts
- Foster collaboration across teams to enhance threat intelligence sharing and operational efficiency
- Act as a point of escalation for complex investigations and high-priority incidents
- Lead incident response and threat hunting efforts for confirmed high-priority security incidents, ensuring resolution and documentation
- Investigate intrusion attempts, differentiate false positives from actual threats, and perform in-depth analysis of exploits
- Proactively monitor and respond to emerging threats using advanced tools and methodologies
- Conduct forensic analysis, including memory and disk imaging, to identify evidence of compromise and attacker activity
- Collect, preserve, and analyze digital evidence to support investigations and potential legal actions
- Utilize forensic tools to uncover artifacts such as deleted files, malware remnants, and network traces
- Develop and maintain incident response playbooks, ensuring alignment with the overall security strategy
- Conduct regular reviews and updates of playbooks to address evolving threats and technologies
- Participate in tabletop exercises to validate and refine playbooks and incident response procedures
- Analyze SOC, SIEM, and EDR platform data to identify and escalate potential threats
- Collaborate with cross-functional teams to implement security best practices for internal and external clients
- Ensure adherence to Thrive’s security standards while recommending future enhancements to tools and workflows
- Utilize threat intelligence to identify potential security risks and proactively mitigate them
- Stay current on emerging threats, vulnerabilities, and adversarial tactics, techniques, and procedures (TTPs)

Qualifications

Required Skills and Experience

- Demonstrated experience in incident handling, escalation management, or leading high-priority incident investigations
- Demonstrated expertise in best security practices and incident response methodologies
- Advanced knowledge of:
  - Security Information and Event Management (SIEM) tools
  - Networking (TCP/IP, routing, and switching)
  - IDS/IPS, penetration testing, and vulnerability assessments
  - Windows, UNIX, and Linux operating systems
  - Network protocols and packet analysis tools
  - Endpoint Detection and Response (EDR), antivirus, and anti-malware tools
  - Content filtering and email/web gateways
- Hands-on experience in forensics, malware analysis, and intrusion detection
- Familiarity with industry frameworks such as MITRE ATT&CK and the Cyber Kill Chain
- Proven ability to communicate complex security issues to clients, peers, and management
- Strong analytical, problem-solving, and decision-making skills
- Adaptability to rapidly evolving situations and technologies
- Ability to participate in an on-call rotation for high-priority incidents

Preferred Skills

- Knowledge of common system calls and APIs for Windows and Linux/Unix environments
- Experience with programming languages relevant to security analysis and automation
- Understanding of internal file structures commonly associated with malware
- Experience in detection engineering and creating high-fidelity detection rules
- Advanced cloud security knowledge and expertise in investigating cloud-based intrusions

Desired Certifications

- Computer Hacking Forensic Investigator (CHFI)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Incident Handler (GCIH)