Data Security/ Compliance

Security Incident Analyst

Trend Micro seeks a Security Incident Analyst with strong technical, analytical, and consulting skills to join its Managed XDR Operations team. Trend Micro Managed XDR is a Managed Detection and Response (MDR) service that provides detection and response services to customers across the globe. Managed XDR Security Analysts monitor customers' network, server, email, and endpoint telemetry 24/7, and use advanced analytics and artificial intelligence (AI) techniques to correlate and prioritize alerts according to severity.

The successful candidate will provide MDR services including incident investigation, forensic examination, and remediation recommendations to our customers. The Security Incident Analyst will be responsible for highly detail-oriented work involving security threat analysis of malware, email/web attacks, and other suspicious activity.

The Security Incident Analyst should also actively provide recommendations for improving internal processes, systems, and tools, and should consistently share knowledge and findings with colleagues.

Roles and Responsibilities:

  • Monitoring and analyzing network traffic, endpoint/server telemetry, security events and related logs using a SIEM solution to detect anomalous activity, and participating in incident detection and response activities
  • Working with incident responders on the steps to investigate and resolve computer security incidents, and coordinating with threat operations and threat intelligence specialists to resolve significant, high or critical severity incidents
  • Providing high quality alerts, monthly reports, and remediation advice to customers
  • Assisting in threat hunting as needed, or performing additional assessment of incidents as required
  • Assisting in, and contributing to, internal technology or process enhancements in project working groups
  • Staying up to date with current vulnerabilities, attacks, and countermeasures
  • Being available to support on-call on a periodic/rotational basis

Qualifications:

  • At least a bachelor's degree in a related field
  • Other industry-related certification/training an advantage (GCIH, GMON, SANS, etc.)
  • At least 2+ years of experience in a full-time security position or Information Security operations, preferably in a position involving threat detection. Previous experience working in a SOC/MDR or MSSP role an advantage.
  • Familiarity with Trend Micro products an advantage, or with related technology such as pattern/signature detection, behavioural monitoring, web/email reputation, sandboxing, or Trend Micro's Connected Threat Defense strategy
  • Experience with log analysis, event correlation, and incident management procedures and systems, as well as knowledge of host and network log sources
  • Experience analyzing network traffic: good knowledge of TCP/IP protocols, ports, headers, etc.
  • Experience analyzing endpoint/server telemetry: good knowledge of the underlying operating systems
  • Previous experience with malware analysis, as well as scripting, is desired. Knowledge of malware/threat actor persistence and lateral movement mechanisms an advantage.