First American

Technical Incident Response Analyst

First American$70K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years of incident response or cybersecurity operations experience.
  • Hands-on experience with SIEM and incident response tools.
  • Familiarity with network security, firewall technologies, and endpoint protection.
  • Experience analyzing logs from multiple data sources.
  • Exposure to Linux systems preferred.

Responsibilities

  • Monitor security alerts from SIEM and other platforms.
  • Investigate and document reported security incidents.
  • Act as primary investigator for identified security incidents.
  • Follow incident response playbooks to mitigate threats.
  • Review logs and user activity for suspicious behavior.
  • Correlate data to support investigations and track incidents.
  • Collaborate with teams during investigations and follow up on alerts.

Benefits

  • Professional development opportunities.
  • Encouragement for qualified military veterans to apply.
  • Ability to learn and adapt to new technologies and practices.
  • Occasional travel for training may be required.
Full Job Description
Job Description

The Technical Incident Response Analyst is responsible for monitoring, analyzing, and responding to cybersecurity alerts and incidents across enterprise infrastructure and security platforms. This role serves as a primary investigator for security events, ensuring timely detection, containment, remediation, documentation, and escalation of incidents in alignment with established incident response playbooks, regulatory requirements, and internal controls.

 

The position combines real‑time alert monitoring, technical investigation, firewall and configuration change validation, and execution of defined recurring operational tasks to maintain a strong security posture across the organization.

 

DUTIES & RESPONSIBILITES

  • Monitor and respond to cybersecurity alerts generated from SIEM provider dashboards and security monitoring platforms.
  • Investigate, remediate, and document security incidents reported through automated alerts, tickets, emails, phone calls, or external SOC notifications.
  • Act as the primary investigator for potential security incidents identified by SOC analysts or monitoring tools.
  • Follow documented incident response playbooks while exercising sound judgment to contain and remediate threats.
  • Investigate phishing emails, user‑reported security concerns, and potential attempts at fraud or financial loss.
  • Review authentication, endpoint, network, and application activity for anomalous or malicious behavior.
  • Analyze firewall logs, IDS alerts, intrusion prevention activity, anti‑malware events, server logs, and application logs.
  • Monitor intrusion detection systems, for indicators of compromise or suspicious activity.
  • Correlate data across SIEM, IDS, endpoint, and firewall platforms to support incident investigations.
  • Perform log reviews using standardized incident response and log review templates.
  • Perform reconciliation of firewall rule and configuration changes.
  • Validate that all changes are authorized, approved, and compliant with change management and security policies.
  • Identify unauthorized or out‑of‑policy changes and escalate violations as required

Execute daily, weekly, and periodic tasks defined in the Incident Response recurring task schedule, including:

 

         Reviewing Microsoft Defender security incidents and assigning or resolving alerts.         

         Reviewing external SOC (e.g., Proficio) incident tickets to ensure proper closure.

         Reviewing SIEM and Kibana dashboards for authentication failures and other abnormal activity.

         Validating completion and documenting evidence through screenshots and reports.

  • Document incident activity, evidence, analysis, and remediation actions in an audit‑ready manner.
  • Communicate incident status clearly to Information Security leadership, infrastructure teams, and management.
  • Provide incident reporting suitable for internal audit, regulatory examination, and compliance reviews.
  • Track incidents end‑to‑end to ensure timely closure and proper documentation.
  • Participate in SOC and security working group sessions to improve detection rules and reduce false positives.
  • Review and update automated alerts and incident response playbooks for accuracy and effectiveness.
  • Collaborate with networking, systems, endpoint, and application teams during investigations.

 

QUALIFICATIONS

  • Minimum of three years of experience directly related to incident response, security monitoring, or cybersecurity operations.
  • Hands‑on experience with SIEM platforms, incident response tooling, and alert monitoring solutions.
  • Experience with firewall technologies, network security concepts, and endpoint protection platforms.
  • Experience performing log analysis and incident investigations across multiple data sources.
  • Exposure to Linux operating systems preferred.

Working knowledge of:

 

         SIEM and security monitoring platforms

         Firewalls, TCP/IP networking, LAN/WAN infrastructure

         Endpoint protection and anti‑malware solutions

         IDS/HIDS platforms

         Microsoft 365 security tools

  • Demonstrated ability to reconcile configuration changes and validate security controls.
  • Qualified military veterans are encouraged to apply.
  • Must be professional, comfortable speaking with external and internal contacts with a demonstrated ability to tailor the message appropriately to the audience and situation effectively.
  • Ability to relay technical information to both technical and non-technical personnel.
  • Ability to write technical documentation.
  • Demonstrated ability to convey thoughts and ideas effectively and succinctly via written formats, including emails, letters, and electronic platforms. Maintain professional standards relating to spelling and grammar.
  • Maintain credibility through professional demeanor, appearance, and presence by modeling standards appropriate to our environment and industry.
  • Maintain good working relationships with internal partners by exhibiting exemplary interpersonal skills, adopting a constructive, solutions-focused approach.
  • Use sound professional judgment to balance the interests of the organization and customer, understanding and using available resources to mitigate risks.
  • Proficiency with Microsoft 365 products and applications, including the ability to effectively prepare or review documents, procedures, and reports.
  • Proficiency in Network Management and Firewalls, Servers, TCP/IP Schema, Remote Access Solutions, & NFS/ISCCI/CIFS networking/storage interdependencies.
  • Demonstrated ability to learn new systems and applications, as well as the ability to understand, adapt and adjust responsibilities/workflows as a result of system upgrades. 
  • Occasional travel to other First American Bank locations, Bank functions, and training facilities may be required.
  • Typical schedule is Monday through Friday 8:00 a.m. to 5:00 p.m. Additional hours may be required depending upon business need.
  • Rotational Saturday work and off-hours on-call availability.
  • Punctuality is required to maintain First American Bank’s customer service standards.

About First American

First American provides financial services through its Title Insurance and Services segment and its Specialty Insurance segment. The First American Family of Companies' core business lines include title insurance and closing/settlement services; title plant management services; title and other real property records and images; valuation products and services; home warranty products; property and casualty insurance; and banking, trust, and investment advisory services.

First American Careers

Join the vibrant team at First American, a leading company renowned for its commitment to innovation, leadership, and professional excellence. As one of the most respected names in the industry, First American offers unparalleled job opportunities that propel your career to new heights.

Work You’ll Do

At First American, your work transcends ordinary job responsibilities. You will be part of a dynamic team that drives industry standards through innovation and leadership. Engage in projects that transform our services and, by extension, the industry itself, making an impact that matters.

Explore a World of Opportunities

Whether you're looking for an entry-level position or a more senior role, First American presents a spectrum of career paths across various departments. Our job opportunities are designed to foster professional growth and personal achievement.

Internship Programs

Kickstart your career with First American’s internship programs. These opportunities are perfect for gaining real-world experience, enhancing your skills, and networking with industry leaders. Our internships provide a robust foundation for future employment and are a stepping stone to full-time positions within the company.

Culture and Benefits

First American is committed to creating a workplace where every team member feels valued. We celebrate diversity and are dedicated to creating an inclusive environment. Our benefits package is comprehensive, supporting both your professional and personal life, including health, wellness, and continuous learning opportunities.

Professional Development and Training

We believe in nurturing our team’s skills through targeted training programs, including leadership development and diversity training. These initiatives ensure that you are equipped to meet the challenges of today and tomorrow, fostering an environment of continuous improvement and personal growth.

Join Our Team

Embark on your First American journey today by exploring the various positions available. We are actively hiring and looking for talented individuals who are passionate, curious, and driven to excel. Check out our open positions, tailor your resume, and prepare for an interview where you can showcase your unique abilities.

Stay Connected

Keep up to date with the latest in career tips, industry news, and job openings at First American. Subscribe to our job alert emails and never miss an opportunity to advance your career with us.

Networking and Growth

At First American, career growth is complemented by opportunities to connect and collaborate with professionals across the company. Engage in networking events that can open doors to numerous career paths and professional relationships.

Why First American?

Choosing First American means opting for a career where your skills are appreciated and your contributions are valued. Here, every employee is empowered to reach their full potential, supported by our culture of growth, leadership, and innovation. Join First American today and be part of a team that is reshaping the future through exceptional service, dedication, and a commitment to excellence. Explore the positions we have available and take the first step towards a rewarding career at First American.
Learn more about First American
Size
22,233 employees
Market Cap
$5.4 billion
Industry
Net Income
$696.4 million
Founded
1889
5 Year Trend
+10.6%
Revenue
$7 billion
NASDAQ

Similar Jobs

More Jobs at First American

More Information Technology Jobs

Find similar Technical Incident Response Analyst jobs: