Security Incident Response Analyst

Join to apply for the Security Incident Response Analyst role at Philtech Inc. What You Will Be Doing In this role, you will use your knowledge of industry best practices, good judgement, and problem‑solving skills to execute security operations and incident response. You will be on the front lines of cyber defence for one of the largest retail organisations in the US, making quick decisions under pressure and adapting quickly to any security challenge. Your keen attention to detail and disciplined documentation will support the Security Operations / Incident Response team’s goal of operational excellence, continual process improvement and customer service. Main Responsibilities Perform log analysis and correlate disparate data sets to identify abnormal behaviour. Respond to security events, driving issues to closure and engaging all appropriate resources. Document security processes and procedures. Support the service‑request intake process and communicate updates to requestors promptly. Enforce security policies, standards and procedures. Stay current on security technologies, trends, standards and best practices. Participate in Incident Response activities. Detect and analyse cybersecurity threats. Work with our MSSP to respond to internal and external cyber‑security events. Ensure quality service delivery to internal customers across SIEM, triage/investigation/response, phishing‑email analysis and response, and threat‑detection development. Ensure service incidents are closed within SLA. Ensure service metrics (SLAs/KRIs/KPIs) are met. Interface with our Cyber Threat Intelligence (CTI) team on detection development and new/upcoming threats. Work on Data Loss Prevention. Other duties and responsibilities as assigned. This position will be part of the Albertsons Companies 24/7 Security Operations Centre and may involve shift work, including day, evening and weekend roles. What We Are Searching For Expert level knowledge and understanding of information technology systems and processes. Experience with IT Service Management, especially around the delivery of security services. Demonstrated analytical, problem‑solving and troubleshooting skills. Ability to learn, understand and apply new concepts quickly. Experience writing detection rules, firewall rules or similar detection capabilities. Comfortable working with internal or external organisations on security policy, standards violations, control failures and incident response. Ability to balance and prioritise work. Knowledge of information security principles and practice. Sound understanding of the OSI networking model. Advanced knowledge of networking protocols including DNS, TCP/IP, UDP. Experience with Windows Server/Workstation and Mac OS is required. Advanced experience with EDR, antivirus, anti‑malware and proxy solutions. Trustworthiness in keeping sensitive data confidential. Thorough understanding of current attack tools, tactics, procedures and how to detect and/or mitigate them. Experienced and in‑depth knowledge in Data Loss Prevention. Qualifications and Experience Experience working within Enterprise SOC operations. Experience with security operations technologies including SIEM, EDR, Cyber Threat Intelligence, Adversary Hunting and Security Orchestration (SOAR) or other applicable experience. Comfortable participating in Incident Response investigations and plan execution. Performing appropriate forensic procedures to capture and preserve evidence for future use and analysis, maintaining chain of custody. Send your application (CVs and/or portfolio) to #J-18808-Ljbffr