Senior MDR Analyst (L3)

Acronis is a global leader in cyber protection, delivering natively integrated solutions that monitor, control, and protect the data that businesses and lives depend on. Driven by our passion to protect every workload, we’ve built the industry’s only all-in-one cyber protection platform. We are looking for a Senior MDR Analyst to join us in protecting the digital world.
The Senior MDR Analyst leads the investigation and resolution of complex EDR/XDR incidents within the Acronis MDR service. This role focuses on advanced threat analysis, autonomous decision-making on remediation strategies, and delivering strategic guidance to customers, while driving continuous service improvement across the MDR pipeline.
The analyst will partner with the AI engineering team to architect and refine automated triage and Agentic AI capabilities within the MDR workflow, and will mentor junior and mid-level analysts to elevate overall team capability. This is a leadership-track role, with opportunities to shape detection engineering strategy, drive proactive threat hunting initiatives, and influence the evolution of the MDR service.

Responsibilities

• Lead investigation of complex EDR/XDR incidents, ensuring accurate triage, root cause analysis, and severity assessment
• Design and execute advanced remediation strategies including workload isolation, threat containment, and recovery coordination
• Mentor junior and mid-level analysts, conducting case reviews and knowledge-sharing sessions
• Drive collaboration with AI engineering to architect automated triage, correlation, and response workflows
• Handle escalated incidents end-to-end, making autonomous decisions on response actions and customer communication
• Own development and continuous improvement of playbooks, automation rules, and detection logic across the MDR pipeline
• Communicate proactively with customers via email and phone, providing strategic recommendations and post-incident reviews
• Track emerging threat landscape, attacker tradecraft, and translate intelligence into actionable detection improvements
• Work 5-day/8-hour schedule, with flexibility for morning or afternoon shifts and weekend coverage, acting as escalation point during critical incidents

Requirements

• 3–6 years of experience in SOC, MDR, or security operations, with demonstrated progression in incident handling complexity
• Deep expertise in EDR/XDR operations, threat hunting, and end-to-end incident response workflows
• Advanced knowledge of attacker TTPs, MITRE ATT&CK framework, and ability to map real-world incidents to techniques systematically
• Expert-level log analysis in Kibana or equivalent, capable of rapid correlation across multiple data sources under pressure
• Hands-on experience building or optimizing workflows in security tools (EDR, SIEM, SOAR) with proven contributions to automation and process improvement
• Ability to independently drive investigations, make judgment calls on ambiguous cases, and document findings to a reproducible standard
• Strong communication skills with experience delivering technical and executive-level updates to customers via email and phone
• Strong analytical mindset with attention to details and ability to coach others on investigative rigor

WHO WE ARE

#L1-WC1