Accelerate your career.

Explore opportunities across TA's portfolio

Incident Response Analyst III



Waltham, MA, USA
Posted on Tuesday, May 21, 2024

At ZoomInfo, we encourage creativity, value innovation, demand teamwork, expect accountability and cherish results. We value your take charge, take initiative, get stuff done attitude and will help you unlock your growth potential. One great choice can change everything. Thrive with us at ZoomInfo.

We are looking for a motivated and results-oriented Senior Security Analyst to play a pivotal role in safeguarding ZoomInfo’s best in class data assets. This position will support the operational activities of the SOC team, to include monitoring and incident response. As a member of the Cyber Security Operations team, you will influence security policies and standards while also balancing security needs with user experience.

What you will do:

  • Respond to escalations from tier 1 and 2 analysts, provide guidance in resolving complex security incidents.
  • Contribute to the overall direction and improvement of the SOC.
  • Analyze potential security incidents to determine the impact/scope of the incident using forensic analysis and incident response methodologies.
  • Knowledge of digital forensics tactics, tools, and techniques to assist in incident resolution.
  • Follow and help create Incident Response procedures and playbooks for preliminary log collection, incident investigations, determining root cause, containing the threat, and building protections against future infections.
  • Interface and drive response/project work forwards with technical personnel and other teams in the ISO as well as the larger organization as required.
  • Follow and help create escalation procedures to counteract and contain potential threats.
  • Appropriately inform and advise the SOC and IR Managers on incidents and incident prevention, while helping to coordinate the Analyst Teams while functioning as site/shift lead(s).
  • Drive documentation improvements of SOC processes/tools/knowledge based upon observations and feedback from the Analyst Teams.
  • Conduct network, endpoint, and log analysis by utilizing various consoles on a regular basis (e.g., SIEM, IPS, firewall, EDR, Advanced malware detection etc.)
  • Candidates are expected to help lead interactions with other team members, management, and other IT teams (Workstation, Network, Server, Cloud, etc.)
  • Utilize a deep understanding of attack signatures, tactics, techniques, and procedures associated with advanced threats, while using security domain knowledge to improve our defenses/detection mechanisms
  • Drive our automation and programmatic improvement of cyber response processes forwards

What you will bring:

  • Working knowledge of SIEM, Incident Response, Log Analysis, Triaging, Cyber Threat intelligence, and automation solutions.
  • Bachelor's degree in IT, InfoSec, Computer Science, or a related discipline.
  • 4+ years working in Cyber Security Operations, with preferably 2+ years working in the higher tiers of SOC in a Cloud environment (AWS, GCP, Azure)
  • Excellent oral and written communication skills with the ability to deliver accurate and concise information to stakeholders across the organization.
  • Advanced and in-depth problem-solving & analytical skills demonstrated in an IT or security related area, preferable in a SOC/IR environment.
  • Demonstrates passion about the information security field and cyber defense, including commitment to training, self-study, and maintaining proficiency in technical skills and knowledge.
  • Demonstrates an understanding of IT and Cloud security practices and tools.
  • Scripting background (Python, Perl, bash, etc.)
  • Experience with Splunk Enterprise Security - advantage

Nice to have

  • IT Security certifications (e.g., Security+, GSEC, GCIH, GMON, GCTI, GNFA, GCWN, GREM, OSCP, other advanced cyber security certifications, etc.)
  • Innovative and willing to raise unique/original ideas.
  • Prior work with malware labs/sandboxes is a major plus.
  • Demonstrates a strong proficiency with endpoint, networking, and server operations.



Actual compensation offered will be based on factors such as the candidate’s work location, qualifications, skills, experience and/or training. Your recruiter can share more information about the specific salary range for your desired work location during the hiring process. We want our employees and their families to thrive.

In addition to comprehensive benefits we offer holistic mind, body and lifestyle programs designed for overall well-being. Learn more about ZoomInfo benefits here.

Below is the US base salary for this position. Additional compensation such as Bonus, Commission, Equity and other benefits may also apply.
$100,800$138,600 USD

About us:

ZoomInfo (NASDAQ: ZI) is the trusted go-to-market platform for businesses to find, acquire, and grow their customers. It delivers accurate, real-time data, insights, and technology to more than 35,000 companies worldwide. Businesses use ZoomInfo to increase efficiency, consolidate technology stacks, and align their sales and marketing teams — all in one platform.

ZoomInfo may use a software-based assessment as part of the recruitment process. More information about this tool, including the results of the most recent bias audit, is available here.

ZoomInfo is proud to be an Equal Opportunity employer. We are committed to equal employment opportunities for applicants and employees regardless of sex, race, age, color, national origin, sexual orientation, gender identity, marital status, disability status, religion, protected military or veteran status, medical condition, or any other characteristic or status protected by applicable law. At ZoomInfo, we also consider qualified candidates with criminal histories, consistent with legal requirements.