Staff Incident Response Analyst

Ro

💵 $186k-$227k
📍 Remote - United States

Summary

Join Ro, a leading direct-to-patient healthcare company, as a Staff Incident Response Analyst. You will lead comprehensive incident response engagements, develop innovative solutions, and mentor analyst teammates. This role requires extensive experience in security operations and incident response, particularly in multi-cloud environments. Successful candidates will have a strong understanding of adversary tactics and techniques and be comfortable working in a fast-paced, collaborative environment. Ro offers a competitive salary and benefits package, including full medical, dental, and vision insurance, 401(k) matching, flexible PTO, and more. The position offers flexibility to work remotely anywhere in the US, with in-person collaboration encouraged.

Requirements

  • 7 years of experience in a security operations and incident response role, with a bachelor’s degree in a technical field or equivalent work experience
  • Real-world experience in incident management, crisis management, and/or breach response with an in-depth knowledge of applying both manual and automated response procedures
  • Hands-on experience performing complex investigations and leading incident responses in AWS, Azure, or GCP environments, with experience interpreting and securing multi-cloud architectures
  • Seasoned SOC/CIRT operator fluent in cyber investigations, cloud native response, network/host intrusion analysis, with strong knowledge of adversary tactics, techniques, and procedures
  • Broad understanding of the risks facing the security industry, current and emerging threats, and varied approaches to applying modern controls in order to mitigate enterprise risks

Responsibilities

  • Serve as the SOC’s highest point of escalation for technical analysis and response
  • Shape program strategy as a trusted individual contributor
  • Mentor analyst teammates toward improvement
  • Command incident response engagements as a hands-on cross-functional expert, leading both technical and non-technical colleagues, partners, and business leaders through complex scenarios
  • Impact threat management program strategy across multiple competency domains including external threat, insider threat, threat intelligence, data security, fraud management, and physical security
  • Work with stakeholders such as IT, Security Engineering, Product Security, Infrastructure, Privacy, and Legal teams to solve security challenges at scale, and enhance program capability
  • Discover unknown technical risks, correlate disparate data sources to acquire evidence, and apply superior analytical techniques in pursuit of proposing your recommended remediation strategy
  • Develop new hypotheses and perform detection engineering upon a rich dataset to discover adversary tactics, techniques and procedures aligned with our program’s threat intelligence

Preferred Qualifications

Certified GX-IH, GCIH, GCFR, GCSA, GCTD, GCFA, GWEB, AWS-Security or equivalents

Benefits

  • Full medical, dental, and vision insurance + OneMedical membership
  • Healthcare and Dependent Care FSA
  • 401(k) with company match
  • Flexible PTO
  • Wellbeing + Learning & Growth reimbursements
  • Paid parental leave + Fertility benefits
  • Pet insurance
  • Student loan refinancing
  • Virtual resources for mindfulness, counseling, and fitness
