Staff Incident Response Specialist

Join ABBYY and be part of a team that celebrates your unique work style. With flexible work options, a supportive team, and rewards that reflect your value, you can focus on what matters most – driving your growth, while fueling ours.

Our commitment to respect, transparency, and simplicity means you can trust us to always choose to do the right thing.

As a trusted partner for purpose-built AI and intelligent automation, we solve highly complex problems for our enterprise customers and put their information to work to transform the way they do business. Over 10,000 customers trust ABBYY, including many Fortune 500 ones. You will work on further developing a portfolio already containing client names such as DHL, Johnson & Johnson, FDA, DMV, PwC, KeyBank, Spotify, and H&R BLOCK.

As part of our commitment to cybersecurity, we are looking for a skilled Staff Incident Response Specialist to join our growing security operations team. In this role, you will play a crucial part in responding to, mitigating, and recovering from security incidents, ensuring that threats are identified and neutralized quickly to protect our infrastructure. You'll work alongside a team of experts to continuously improve our incident response processes and reduce the organization's exposure to cyber risks.

Position Overview
The Staff Incident Response Specialist will be responsible for detecting, investigating, and responding to security incidents across the organization. This includes identifying malicious activity, performing forensic analysis, coordinating response efforts, and helping to remediate incidents while minimizing business impact. You will be a key player in our security operations, applying your expertise to prevent incidents and strengthen our security posture.

Key Responsibilities

• Incident Detection & Analysis:

Monitor security alerts and logs from various sources, such as SIEMs, endpoint detection tools, firewalls, and IDS/IPS systems, to detect and analyze potential security incidents.

• Incident Response & Mitigation:
  Respond to security incidents by following established incident response processes. Identify, contain, and mitigate threats across network, cloud, and endpoint environments to limit damage and prevent escalation.
• Forensic Investigation:
  Perform forensic analysis to investigate security events, determine the scope and cause of incidents, and collect evidence for further analysis. Utilize tools such as EnCase, FTK, or open-source forensic tools for disk and memory analysis.
• Collaboration & Escalation:
  Work closely with internal teams, including IT, network operations, legal, and compliance, to coordinate incident response and escalation. Provide technical expertise and guidance throughout the response process.
• Incident Documentation & Reporting:
  Maintain detailed documentation of security incidents, including timelines, actions taken, lessons learned, and any recommendations for future prevention. Provide reports to management and other stakeholders, summarizing incidents and outcomes.
• Root Cause Analysis & Remediation:
  After an incident is contained, lead root cause analysis (RCA) efforts, identify weaknesses, and work with IT and engineering teams to implement corrective measures to prevent future incidents.
• Continuous Improvement:
  Contribute to the development and refinement of incident response procedures, playbooks, and runbooks. Recommend improvements to tools, processes, and technologies to enhance detection and response capabilities.
• Security Monitoring & Threat Intelligence:
  Stay up to date on the latest threats, vulnerabilities, and attack techniques by researching current cyber threats and integrating relevant threat intelligence into response strategies. Apply threat intelligence to improve detection and response efforts.
• Training & Awareness:
  Provide support in training and awareness initiatives for staff to improve overall incident response readiness. Assist in running tabletop exercises, simulation drills, and incident response training programs.
• Compliance & Legal Support:
  Ensure incident response practices align with relevant regulatory and compliance requirements (e.g., GDPR, HIPAA, PCI-DSS). Assist in supporting investigations, legal processes, and audits when required.

Qualifications

• Experience:

• 6-9 years of experience in incident response, cybersecurity, or digital forensics.
• Hands-on experience with incident response tools and technologies, such as SIEM (QRadar, Ms Sentinel), EDR (CrowdStrike, Defender), IDS/IPS, and forensic tools (e.g., EnCase, FTK, Autopsy).
• Practical experience with investigating security incidents, including malware analysis, data breaches, ransomware attacks, and denial-of-service (DoS) incidents.
• Technical Skills:
• Solid understanding of networking protocols, operating systems (Windows, Linux, macOS), and security technologies (firewalls, IDS/IPS, endpoint protection).
• Familiarity with common attack vectors, malware, and exploitation techniques (e.g., phishing, privilege escalation, lateral movement).
• Ability to analyze system logs, network traffic, and other security data to identify signs of compromise.
• Experience with scripting languages (e.g., Python, PowerShell, Bash) for automation and analysis tasks.
• Certifications (Preferred):
• Certified Incident Handler (GCIH)
• Certified Information Systems Security Professional (CISSP)
• GIAC Certified Forensic Analyst (GCFA)
• Certified Ethical Hacker (CEH)
• AWS Certified Security Specialty or equivalent certifications.
• Soft Skills:
• Strong analytical and problem-solving abilities, with keen attention to detail.
• Excellent written and verbal communication skills, with the ability to explain complex technical issues to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced, high-pressure environment.
• Strong organizational skills, with the ability to manage multiple incidents and priorities simultaneously.

#LI-PD1

Join ABBYY, and you will:

Love how you work

• We provide remote and hybrid working options to fit all lifestyles.
• We use flexible hours across most of our teams to allow you to find your own definition of balance.
• Encouraging a culture of giving, we provide two paid volunteering days off every year so you can take time to contribute to the causes you care about.
• To ensure your family is cared for, we offer paid parental leave in all our locations.

Love whom you work with

• We are a global team of 600+ colleagues, spread across 15 countries on four continents.
• With colleagues representing 30+ nationalities, our workforce reflects the world.
• Innovation and excellence run through our veins. Our teams gather the expertise which has garnered ABBYY more than 140 technology patents.
• We are guided by the values of respect, transparency, and simplicity.
• "Team Environment" is in the top three highest-scoring drivers of engagement across all of our departments.

Love what you work on

• We are a company with more than 35 years of experience in the technology market;
• Over 10,000 customers trust ABBYY, including many Fortune 500 ones, with names such as DHL, Johnson & Johnson, FDA, DMV, PwC, KeyBank, Spotify, and H&R BLOCK;
• We have modernized the capture market by creating the first low-code/no-code IDP platform.
• Our Machine Learning, Natural Language Processing, Computer Vision Technologies, and a marketplace built with AI, can transform any document in any process;
• Top Analyst firms recognize ABBYY's market leadership, including Gartner, Everest PEAK Matrix Assessment, ISG Intelligent Automation Lens, and NelsonHall, amongst others.

ABBYY is an Equal Employment Opportunity employer that values the strength that diversity brings to the workplace. To learn more about our commitment to Diversity and Inclusion, check out the careers section on our website.