×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security

Information Security Operations Analyst​/Incident Response & Forensics Spe

Remote / Online - Candidates ideally in
Madison, Dane County, Wisconsin, 53774, USA
Listing for: Professional Recruiting Consultants, Inc.
Remote/Work from Home position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 110000 - 140000 USD Yearly USD 110000.00 140000.00 YEAR
Job Description & How to Apply Below
Position: Information Security Operations Analyst / Incident Response & Forensics Spe

Information Security Operations Analyst / Incident Response & Forensics Specialist

Madison, Wisconsin – Hybrid Remote (Flexible work from home days available)

$110,000 to $140,000
• 5+ Years Required

The Information Security Operations Analyst / Incident Response & Forensics Specialist is a critical, hands‑on role responsible for operating and maturing the organization's cybersecurity defense, detection, and response capabilities. This specialist serves as a high‑level escalation point, bridging the gap between proactive threat intelligence and reactive incident management.

The primary focus is two‑fold:
leading the execution of the full incident response lifecycle and conducting comprehensive digital forensic investigations for security breaches, eDiscovery requests, and internal investigations (HR/Legal). The role requires deep technical proficiency, a strong analytical mindset, and the ability to operate under pressure while maintaining strict standards for evidence integrity and regulatory compliance.

Key Responsibilities I. Incident Response & Threat Hunting (The Core Focus)
  • Lead Incident Response: Serve as the primary technical lead in responding to escalated and complex security incidents (e.g., advanced persistent threats, nation‑state attacks, significant data breaches, and sophisticated phishing campaigns).
  • 24/7 Coordination: Coordinate and ensure the timely prioritization, triage, and response to cybersecurity alerts and incidents across a 24/7 operations environment.
  • Containment and Eradication: Execute highly technical containment strategies to limit the scope of an attack and lead the root cause analysis and eradication phase to ensure complete removal of adversary presence.
  • Threat Intelligence Integration: Continuously ingest, review, and analyze incoming threat intelligence feeds, applying best practices to inform proactive threat hunting campaigns using the MITRE ATT&CK framework.
  • Post‑Incident Analysis: Create detailed, high‑quality incident reports and after‑action reviews to document findings, articulate technical concepts to non‑technical stakeholders (including leadership), and identify opportunities for control enhancement.
II. Digital Forensics & Investigations
  • Forensic Investigations: Conduct advanced, forensically sound data collections, imaging, and analysis of compromised systems, volatile memory, cloud environments, and network data in support of active security incidents.
  • eDiscovery & Legal Support: Execute eDiscovery requests and support complex internal investigations led by Legal and Human Resources, ensuring strict maintenance of the chain of custody and evidence integrity in alignment with regulatory and organizational standards.
  • Tool Expertise: Utilize and maintain state‑of‑the‑art forensic tools, such as Magnet Forensics Axiom Cyber
    , for deep‑dive investigations.
III. Security Operations & Program Management
  • Tool Optimization: Maintain and optimize core security technologies, including SIEM (Splunk),
    Extended Detection and Response (XDR) solutions (e.g., Microsoft Defender), and vulnerability scanners, specifically focusing on alert tuning and detection engineering.
  • Risk Remediation: Review findings from penetration tests, vulnerability scans, and security control assessments to identify weaknesses and provide pragmatic recommendations for remediation and control gap closure.
  • Governance and Awareness: Contribute to the development and ongoing maintenance of security policies, standards, processes, and Incident Response Plans (IRPs). Develop and deliver targeted, high‑impact security awareness content for the organization.
Required Experience and Qualifications Education & Experience
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or equivalent combination of education and/or 5 or more years of progressively responsible professional work experience in security operations, incident response, or digital forensics.
  • Experience in a highly regulated industry is strongly preferred (e.g., Financial Services, Insurance).
  • Experience supporting law enforcement or external regulatory body investigations is preferred.
Technical Expertise
  • Deep, hands‑on…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search