Role Overview
Endava is hiring a senior-level Security Incident Response Analyst. This is a full-time remote role, with the team based in Remote. Posted 4 days ago. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Job Description
As an Incident Response Analyst at Endava, you play a vital role in the Cyber Threat Intelligence and Incident Response team. Your responsibilities include:
- Acting as a key responder during security incidents, supporting containment, eradication, and recovery activities.
- Performing detailed investigation and analysis of security alerts, intrusions, and malware using EDR, SIEM, and forensic tooling.
- Supporting post-incident reviews to identify root causes, control gaps, and lessons learned.
- Coordinating with SOC, CTI, IT, legal, and third-party providers during incidents to ensure timely and effective response.
- Supporting evidence collection and documentation to meet legal, regulatory, and internal reporting requirements.
- Actively supporting Cyber Threat Intelligence operations and initiatives during periods without active incident response activity.
Qualifications for this role include:
- Degree in Cyber Security, Computer Science, Information Technology, or a related discipline, or equivalent practical experience.
- Relevant incident response, blue team, or security operations certification (e.g., GCIH, GCED, or equivalent).
- Demonstrated experience in responding to security incidents, labs, or realistic tabletop exercises.
With 6-10 years of experience in incident management, including 3+ years in cybersecurity and at least 2 years in SOC/CTI/Incident Response, you should possess hands-on experience in malware analysis, memory forensics, and log analysis. Your strong understanding of network protocols, secure configurations, and common attack techniques (MITRE ATT&CK) will be beneficial. Additionally, familiarity with SOC tools like SIEM, EDR, Threat Intelligence Platforms, and alerting platforms is required.
Your technical skills should include hands-on experience with SIEM and EDR tools, ability to analyze endpoint, network, and log data to identify malicious activity, familiarity with incident response processes, basic malware analysis, and investigation skills. Understanding common attack vectors, vulnerabilities, and exploitation techniques will be essential.
In addition to technical skills, you should possess strong problem-solving and analytical skills, ability to remain calm and decisive during high-pressure incidents, excellent communication skills (both technical and non-technical), and a continuous learning mindset with a willingness to explore new tools and methods.
Endava offers various global benefits to empower its employees, such as competitive salary packages, career development opportunities, learning opportunities, work-life balance initiatives, health programs, and a supportive community environment. The company is committed to creating an open, inclusive, and respectful workplace where everyone can thrive.
Frequently Asked Questions
How do I apply for the Security Incident Response Analyst position at Endava?
Use the Apply button above to submit your application directly to Endava. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Is the Security Incident Response Analyst role at Endava remote?
Yes. This is a remote role. The team is based in Remote, but the position itself does not require relocating to that office.
What does a Security Incident Response Analyst at Endava earn?
Endava has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the Security Incident Response Analyst role at Endava posted?
This role was posted on June 9, 2026 (4 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
How much experience does the Security Incident Response Analyst role at Endava require?
This is a senior-level position. Most senior roles call for 5+ years of directly relevant experience. Endava lists their specific requirements in the description below, so review the must-have qualifications closely before applying.