Incident Response Analyst - Cyber Security

Technical Support Santa Clara, California United States, Remote


Our Mission


At Palo Alto Networks® everything starts and ends with our mission:


Being the cybersecurity partner of choice, protecting our digital way of life.


We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.


Your Career


We are seeking a motivated security expert who will be part of a special incident response team and play a critical role in assisting customers to triage security events, including investigation of technical details and coordination with multiple cross-functional stakeholders - from company CSO’s and professional services consultants to our world-class threat research team.


This is a unique opportunity to be a part of a team that is at the center of upholding the company’s mission, sharing and influencing best practices, and aiding customer organizations as they seek a trusted partner to navigate unique and time-sensitive security incidents.


Do you have quick-thinking skills, inquisitive nature, ability to quickly assess unique situations, draw conclusions on limited data, determine best recommended next steps, and report out key facts, lessons learned and actions completed on each incident.? Including identifying trends over time that can help influence how the team grows and the company invests to further assist customers.


Your Impact


        Lead investigations by assisting customers to analyze security alerts and coordinating response activities

        Serve as POC for triaging and quarter-backing unique customer security incidents

        Gather event intelligence and indicators of compromise to assess incident severity, and recommend appropriate cross-functional stakeholders for assistance

        Follow through on recommended actions, and with engaged partners to drive incident resolution

        Track lessons learned and detection gaps to inform best-practices and R&D roadmap

        Produce clear, accurate and detailed reports, as well as concise executive summaries, on each incident for account teams, executives and all appropriate constituents

        Closely monitor security industry news for noteworthy incidents and take the initiative to contact associated account teams and assess events for appropriate action

        Identify and implement mechanisms to streamline information gathering and speed the process by which key information is disseminated to key constituents and incident is resolved

        Initiate, drive and participate in efforts to educate internal colleagues at all department levels on the philosophies, processes, and practices of the incident response team

        Work directly with international support and communications colleagues to ensure 24x7 assistance can be provided as needed


Your Experience


        Minimum 5+ years working in a security-focused or analyst role

        Experience with security incident management in medium to large organizations

        Knowledge of Palo Alto Networks products

        Strong understanding of security operations: perimeter defense, forensics, incident response, kill chain analysis and risk assessments

        Advanced knowledge of network analysis tools such as Wireshark, TCPDump, and Scapy

        Strong written and verbal skills are required

        Working knowledge of malware analysis, including construction, usage and detection techniques

        Scripting experience and experience developing or integrating security tools using APIs

        Solid grasp of security industry terms, trends and technologies with the ability to translate technical information into meaningful and actionable points

        Ability to work under pressure and deliver quality summaries against tight deadlines

        A collaborative and flexible personality that allows for building strong relationships across the company and different international colleagues

        Familiarity with is preferred

        Flexibility and a sense of urgency with regards to timely communications that may require flexible work hours and accommodation for interactions across various time zones


The Team


Our Customer Support team is critical to our success and mission. As part of this team, you enable customer success by providing support to clients after they have purchased our products. Our dedication to our customers doesn’t stop once they sign – it evolves. As threats and technology change, we stay in step to accomplish our mission.


You’ll be involved in implementing new products, transitioning from old products to new, and will fix integrations and critical issues as they are raised – in fact, you’ll seek them out to ensure our clients are safely supported. We fix and identify technical problems, with a pointed focus on providing the best customer support in the industry.


Our Commitment


We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.


We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at


Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.