Threat Response Analyst – Mid-Level

About Kaseya
Kaseya is the leading provider of complete IT Infrastructure and Security Management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide. Our award-winning technologies allow organizations to efficiently manage and secure IT to drive sustained business success.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. Kaseya has achieved sustained, strong double-digit growth and is backed by Insight Partners, a global private equity firm investing in high-growth technology and software companies. Learn more at www.kaseya.com.

What You’ll Do
As a Threat Response Analyst, you will:

• Act as a frontline incident responder, leading containment, eradication, and recovery for confirmed threats

• Perform advanced threat hunting across enterprise environments to proactively detect adversarial activity

• Conduct in-depth malware analysis using static and dynamic techniques

• Manage escalations from junior analysts and provide mentorship and technical guidance

• Correlate events across multiple data sources (SIEM, EDR, network logs, cloud platforms) to identify sophisticated attack patterns

• Deliver clear, actionable incident reports and executive-level summaries

• Collaborate with cross-functional teams to ensure remediation and long-term risk reduction

• Contribute to playbook development, threat intelligence enrichment, and detection rules to enhance SOC capabilities

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or equivalent experience

• 3–5 years of hands-on experience in cybersecurity operations, incident response, or threat analysis

• Prior experience in a SOC or IR role with expertise in at least two domains: incident response, malware analysis, threat hunting, digital forensics, or security engineering

• Proficiency with SIEMs, EDR, and network forensic tools (e.g., Splunk, Sentinel, CrowdStrike, Carbon Black)

• Familiarity with common attacker TTPs and frameworks (MITRE ATT&CK, NIST CSF)

• Relevant certifications preferred: GCFR, GCIH, GCIA, Microsoft SC-200, CCNP Security, Linux+, CISA

• Strong ability to communicate technical details to both technical teams and executive leadership

• Experience leading small projects or initiatives within a SOC/CIRT team is highly desirable

What You’ll Bring

• Deep technical knowledge of security concepts, threats, and incident response best practices

• Ability to independently investigate, analyze, and resolve complex security incidents

• Experience with scripting or automation (Python, PowerShell, Bash) to accelerate investigations is a plus

• A proactive mindset with a strong interest in continuous learning and awareness of the threat landscape