[Remote] Level 3 Incident Response Analyst - National General

Note: The job is a remote job and is open to candidates in USA. National General is a part of The Allstate Corporation, which means we have the same innovative drive that keeps us a step ahead of our customers’ evolving needs. We’re seeking an experienced and adaptable Cybersecurity professional with a strong background in incident response to join our team as a Level 3 Incident Response Analyst, where you will lead incident response activities and mentor junior analysts.

Responsibilities
• Lead end‑to‑end incident response activities from triage through closure
• Manage high‑severity threats from start to finish, ensuring all actions are thoroughly completed
• Partner with engineering teams to improve detection rules and integrate tooling that enhances security capabilities
• Facilitate incident response retrospectives and surface operational gaps and improvement opportunities
• Mentor SOC analysts and serve as a subject‑matter expert for complex security challenges
• Help refine and maintain SOC workflows to ensure clarity, efficiency, and ongoing maturation
• Analyze large volumes of security telemetry to identify patterns, build custom queries, and uncover hidden threats
• Develop application‑specific detection rules and response procedures with system and application owners
• Coordinate evidence collection and produce documentation for both technical and non‑technical audiences
• Contribute to the development of operational and executive reporting
• Create and prioritize backlogs that drive desired business outcomes by incorporating insights and improvement actions identified during incident response retrospectives
• Maintain active communication with teammates and cross‑functional partners to strengthen overall response capability

Skills
• 7+ years of hands‑on Cybersecurity experience, including 5+ years in Incident Response and/or Digital Forensics
• Strong background in Incident Response, Incident Handling, and Security Operations
• Extensive knowledge of the Windows and Linux operating systems and associated applications (IIS, SQL, Apache, etc)
• Strong knowledge of cloud computing services including Azure, GCP, & AWS
• Proficiency with EDR/XDR platforms (CrowdStrike, SentinelOne, Microsoft XDR)
• Experience using SIEM platforms (Splunk, Microsoft Sentinel, Elastic, Chronicle)
• Experience administering Next Generation firewalls (Cisco ASA, Palo Alto)
• Practical knowledge of MITRE ATT&CK and common threat‑actor TTPs
• PCAP and network‑traffic analysis skills using Wireshark or Zeek
• Scripting familiarity (Python, PowerShell, Bash)
• Excellent written and verbal communication skills
• Experience with cloud‑native security monitoring and incident response (AWS, Azure, GCP)
• SIEM detection rule development or tuning experience
• Experience in large enterprise or multi‑cloud environments
• Certifications such as GCFA, GCIH, CISSP, SC‑200, AZ‑500, SC-100, or equivalent
• Familiarity with NIST 800‑61, MITRE D3FEND, ISO 27001, HIPAA, PCI‑DSS
• Experience with Outcome‑Based Delivery and Agile methodologies
• Experience with generative and agentic AI

Company Overview
• As part of the Allstate family of companies, National General, an Allstate company, is one of the largest insurers in the United States. It was founded in 1920, and is headquartered in New York, New York, USA, with a workforce of 5001-10000 employees. Its website is http://www.nationalgeneral.com.

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!