Cybersecurity Incident Response Analyst

Mars is seeking a highly motivated and experienced Cybersecurity Incident Response Analyst to join our team. As the EU Lead for our Incident Response (IR) team, you will play a critical role in protecting our organization from cyber threats and ensuring business continuity. You will be responsible for leading and executing incident response activities within the European region, collaborating with global teams, and providing expert guidance on cybersecurity best practices.

What are we looking for?

Essential Requirements:

• 3+ years of experience in cybersecurity incident response or a Security Operations Center (SOC), including hands-on experience with incident triage, investigation, containment, eradication, and recovery. This should include experience with detection and response tools (EDR, XDR, NDR).
• Strong understanding of common attack vectors (e.g., malware, phishing, ransomware, social engineering) and the MITRE ATT&CK Framework.
• Proven ability to analyze security logs, network traffic, and other relevant data sources to identify and investigate security incidents. Experience with security information and event management (SIEM) systems.
• Excellent written and verbal communication skills, with the ability to effectively communicate complex technical information to both technical and non-technical audiences.
• Demonstrated ability to work effectively as part of a cyber security team, collaborating with colleagues to address security challenges and ensure cohesive, coordinated efforts during investigations and resolutions

Nice-to-haves:

• Hands-on experience with cloud security tools and services (e.g., CloudTrail, CloudWatch, Security Center, IAM). Experience with container security and orchestration tools (e.g., Docker, Kubernetes).
• Experience with scripting languages (e.g., Python, PowerShell).
• Knowledge of relevant cybersecurity frameworks and standards (e.g., NIST Cybersecurity Framework, ISO 27001).
• Industry certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, CISSP, CISA, etc.

What will be your key responsibilities?

• Lead and execute incident response activities within the EU region, including triage, investigation, containment, eradication, and recovery. Collaborate with global IR team members and stakeholders to ensure consistent and effective incident response across the organization.
• Monitor Cybersecurity Threat Intelligence (CTI) platforms to stay abreast of the latest cybersecurity threats and vulnerabilities and adapt incident response strategies accordingly. Develop CTI briefs regarding critical vulnerabilities for dissemination across the organization.
• Develop and maintain incident response plans and playbooks, as tools, technology, and the organization change.
• Provide security awareness training and guidance to employees within the EU region.

What can you expect from Mars?

• Work with diverse and talented Associates, all guided by the Five Principles.
• Join a purpose driven company, where we’re striving to build the world we want tomorrow, today.
• Best-in-class learning and development support from day one, including access to our in-house Mars University.
• An industry competitive salary and benefits package, including company bonus.

#TBDDT

Mars is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. The company is pleased to provide such assistance, and no applicant will be penalized as a result of such a request.