Principal Incident Response Analyst

We are looking for an accomplished, high-performing Principal Incident Response Analyst for our Threat Detection & Response team with experience performing digital forensics, incident response, and threat hunting. The Principal Incident Response Analyst is responsible for ensuring the confidentiality, integrity, and availability of critical information and IT assets. This role requires a deep understanding of cybersecurity principles, incident response methodologies, digital forensics, and the ability to work efficiently under pressure.

What you'll do:

• Conduct in-depth analysis of security events and indicators to determine the nature and severity of incidents.
• Respond promptly to security incidents, following established incident response procedures.
• Coordinate and collaborate with cross-functional teams to contain and mitigate cyber threats effectively.
• Perform forensic investigations to determine the root cause of incidents and develop appropriate remediation strategies.
• Lead regular threat hunt activities to identify and investigate gaps in detection.
• Utilize threat intelligence and industry best practices to enhance incident detection capabilities.

What you'll bring:

• 5+ years of cyber incident response experience in a large and complex environment. Relevant industry certifications are highly desirable (CISSP, GCIH, GFCA, GREM, ECIH).
• Subject matter expertise with security tools and technologies, such as SIEM, IDS/IPS, EDR, and network monitoring solutions.
• Strong knowledge of incident response methodologies, including containment, eradication, recovery, and common security frameworks (NIST, SANS, CSA).
• Ability to acquire and analyze endpoint and network artifacts, volatile memory, malicious files/binaries and scripts.
• Experience with forensic tools, such as Encase, FTK, Axiom, Velociraptor, KAPE, EZtools, Autopsy, and THOR to carry out digital forensic investigations.
• Collaborate with other forensic analysts, law enforcement officers, and legal experts to identify methods and procedures for recovery, preservation, and presentation of computer evidence, ensuring proper precautions are taken in the preservation and prevention of spoliation of electronic evidence.

#LI-REMOTE

Stay up to date on everything Blackbaud, follow us on Linkedin , Twitter , Instagram , Facebook and YouTube

Blackbaud is a remote-first company which embraces a flexible remote work culture. Blackbaud supports hiring and career development for all roles from the location you are in today!

Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.

A notice to candidates: Recruitment Fraudulent Alert: Your personal information and online safety as a candidate mean a lot to us! At Blackbaud and our portfolio of companies, recruiters only direct candidates to apply through our official careers page at https://careers.blackbaud.com/us/en or our official LinkedIn page. Recruiters will never request payments, ask for financial account information or sensitive information like social security numbers, or conduct interviews via Skype. Anyone suggesting otherwise is not a representative of Blackbaud. If you are unsure if a message is from Blackbaud, please email [email protected] .

The starting base pay is $101,900.00 to $132,800.00. Blackbaud may pay more or less based on employee qualifications, market value, Company finances, and other operational considerations.

Benefits Include:

• Medical, dental, and vision insurance
• Remote-first workforce
• 401(k) program with employer match
• Flexible paid time off
• Generous Parental Leave
• Volunteer for vacation
• Opportunities to connect to build community and belonging
• Pet insurance, legal and identity protection
• Tuition reimbursement program