Incident Response Analyst - Defensive Operations

2 Months ago • 3-5 Years • Operations

Job Summary

Job Description

The Incident Response Defensive Operations (IRDO) team is seeking a detail-oriented analyst to improve the Cybersecurity Incident Response program. This role involves identifying workflow inefficiencies, addressing capability gaps, and managing projects to enhance the efficiency of the Cybersecurity IR team. The analyst will also collaborate with the Threat Detection and Engineering (TIDE) team to improve IR tooling. Responsibilities include analyzing workflows, investigating gaps, leading cross-functional projects, automating workflows, contributing to the CSIRT Attack Surface Management program, and facilitating communication between the IR team and TIDE. The role requires a strong understanding of cybersecurity operations, incident response, and project management.
Must have:
  • 3-5 years of experience in cybersecurity operations
  • Experience with workflow automation
  • Experience with ServiceNow, Jira or similar tools
  • Strong IT background and expertise with OSX
  • Strong analytical and problem-solving skills
  • Excellent communication and interpersonal skills
Good to have:
  • Scripting knowledge (e.g., Python)
  • Familiarity with Splunk or other SIEM platforms
  • Experience with host and network forensics
  • Background in malware analysis
  • Familiarity with agile project management
  • Technical security certifications
Perks:
  • Remote-friendly and flexible work culture
  • Market leader in compensation and equity awards
  • Comprehensive physical and mental wellness programs
  • Competitive vacation and holidays for recharge
  • Paid parental and adoption leaves
  • Professional development opportunities
  • Employee Resource Groups and volunteer opportunities
  • Vibrant office culture with world class amenities
  • Great Place to Work Certified™

Job Details

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

The Incident Response Defensive Operations (IRDO) team is seeking a detail-oriented, proactive Analyst to help drive strategic improvements to our Cybersecurity Incident Response program. This role is designed for someone who thrives at the intersection of operations, project management, and technical problem-solving.

You’ll work alongside Incident Response analysts and engineers to identify pain points in existing workflows, close capability gaps, and manage high-impact projects that enhance the efficiency, effectiveness, and overall analyst experience of the Cybersecurity IR team. You’ll also serve as a key liaison with our Threat Detection and Engineering (TIDE) team, ensuring smooth collaboration on detection engineering, automation, and improvements to our IR tooling.

As part of this role, you'll also contribute to the CSIRT Attack Surface Management program - an initiative focused on evaluating and improving the organisation’s ability to detect and respond to threats across critical domains including email, applications, networks, and endpoints.

 

What You'll Do:

  • Analyse incident response workflows to identify inefficiencies and friction points; propose and implement improvements.

  • Investigate operational and technical capability gaps, such as containment or access limitations, and coordinate efforts to close them.

  • Lead and support cross-functional projects aimed at improving IR tooling, processes, and analyst experience.

  • Build or coordinate the development of workflow automations that reduce manual overhead and streamline response processes.

  • Contribute to the CSIRT Attack Surface Management program by assessing detection coverage, visibility, and response readiness across key attack surfaces.

  • Serve as the intermediary between the IR team and TIDE, translating analyst needs into actionable engineering requirements and helping prioritize improvements.

  • Maintain visibility on evolving IR needs and ensure proactive delivery of scalable, reliable operational enhancements.

What You'll Need:

Education & Experience:

  • Bachelor's Degree (or equivalent experience) in a computer-related field

  • 3-5 years of experience in cybersecurity operations, incident response, or a similar domain (or equivalent combination of education and experience).

  • Hands-on experience with workflow automation - such as building automation playbooks, creating scripts, or leveraging tools like TINES, AWS Lambda, or SOAR platforms.

Technical Expertise:

  • Experience with ServiceNow, Jira, or similar workflow/ticketing tools

  • Strong IT background (networking fundamentals, systems) and expertise with OSX

  • Strong analytical and problem-solving skills with a passion for operational efficiency.

  • Experience with project management or process improvement in a technical environment.

  • Excellent communication and interpersonal skills; ability to interface with both technical and non-technical stakeholders.

  • Familiarity with cybersecurity technologies and concepts, particularly incident response, containment, and automation.

Analytical & Communication Skills:

  • Effective communication skills in English (verbal and written)

  • Ability to maintain strict confidentiality and operate independently in high-pressure situations

Preferred Skills & Attributes:

  • Scripting knowledge (e.g., Python, Perl, Bash, PowerShell)

  • Familiarity with Splunk or other advanced SIEM platforms

  • Experience with host and network forensics

  • Background in malware analysis

  • Familiarity with agile project management and compliance frameworks

  • Technical security certifications or advanced academic credentials

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs

  • Competitive vacation and holidays for recharge

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

About The Company

CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world’s leading businesses into the headlines could not be solved with existing malware-based defenses. Founder George Kurtz realized that a brand new approach was needed — one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware. There’s much more to the story of how Falcon has redefined endpoint protection but there’s only one thing to remember about CrowdStrike: We stop breaches.