# Incident Response Analyst

> Talentgrator · Prague, Czechia (Remote) · Full-time · Posted 2026-04-20

**Workplace:** remote

**Department:** SaaS Platform | iGaming

## Description

We are looking for an **Incident Response Analyst** to join our Security team and operate on the front line of protecting the company’s infrastructure and services.

This role is for someone who goes beyond simply reviewing alerts — you investigate incidents deeply, build detection logic, and reduce response time proactively, without waiting for attacks to become obvious.

\* Our team is Russian-speaking, so we are currently looking for candidates with Russian as a native language to ensure smooth and comfortable communication within the team.

### What We Expect

-   3+ years of experience in Incident Response or Security Operations
-   Hands-on experience with SIEM platforms (Splunk, ELK/OpenSearch, Graylog, or similar)
-   Ability to read and interpret logs: OS (Linux/Windows/macOS), network, applications, cloud
-   Understanding of network protocols and traffic analysis (Wireshark, Zeek, etc.)
-   Knowledge of attacker tactics and techniques (MITRE ATT&CK, kill chain, IOC/TTP)
-   Ability to independently lead investigations from alert to final report
-   Scripting skills for automation (Python / Bash)
-   Basic understanding of integrating LLM-based tools

### Nice to Have

-   Experience with SOAR platforms and building playbooks
-   Experience with EDR/XDR solutions (CrowdStrike, SentinelOne, etc.)
-   Participation in CTFs, red team / blue team exercises, or pentesting
-   Experience with cloud logs (AWS CloudTrail, GCP Audit Logs, etc.)
-   Experience integrating security tools via APIs and automating response using LLM

## Responsibilities

-   Work with WAF: analyze anomalous traffic, respond to web attacks, fine-tune rules
-   Work with DLP and MDM: investigate data leaks, analyze policy violations, collaborate with teams on findings
-   Monitor and triage alerts in SIEM: analyze events, classify incidents, prioritize response
-   Integrate new log sources into SIEM: normalization, parsing, enrichment
-   Develop and improve detection rules, correlation rules, and dashboards
-   Reduce MTTR (mean time to respond): identify bottlenecks in response processes, implement automation and runbooks
-   Participate in incident post-mortems and provide actionable recommendations
-   Conduct security incident investigations: collect artifacts, reconstruct timelines, perform root cause analysis (RCA)
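The SIEM-side duties above (onboarding a log source with parsing, normalization and enrichment, then writing a correlation rule over the normalized events) in miniature, as an added example written for this page and not Talentgrator's own tooling: a parser for Linux `sshd` syslog lines, an enrichment step, and a brute-force-then-success rule. The sample log lines are constructed, the field names loosely follow the Elastic Common Schema, and the internal address range, failure threshold and time window are assumptions chosen for the demo.

```python
"""Toy SIEM pipeline: parse -> normalize -> enrich -> correlate.

Added illustration, not Talentgrator's code. The log lines are made-up
samples in the shape of Linux sshd syslog entries; INTERNAL_NETS and the
rule thresholds are assumptions for the demo.
"""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample syslog lines (sshd on a Linux host). Not real data.
SAMPLE_LINES = [
    "2026-04-20T10:00:01Z host1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51001 ssh2",
    "2026-04-20T10:00:05Z host1 sshd[1202]: Failed password for root from 203.0.113.7 port 51002 ssh2",
    "2026-04-20T10:00:09Z host1 sshd[1203]: Failed password for root from 203.0.113.7 port 51003 ssh2",
    "2026-04-20T10:00:13Z host1 sshd[1204]: Failed password for root from 203.0.113.7 port 51004 ssh2",
    "2026-04-20T10:00:17Z host1 sshd[1205]: Failed password for root from 203.0.113.7 port 51005 ssh2",
    "2026-04-20T10:00:21Z host1 sshd[1206]: Accepted password for root from 203.0.113.7 port 51006 ssh2",
    "2026-04-20T10:05:00Z host1 sshd[1300]: Failed password for alice from 10.0.0.5 port 40001 ssh2",
    "2026-04-20T10:05:30Z host1 sshd[1301]: Accepted publickey for alice from 10.0.0.5 port 40002 ssh2",
]

# Assumed corporate address space, used only for enrichment.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

SSHD_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[(?P<pid>\d+)\]: "
    r"(?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>[\d.]+) port (?P<port>\d+)"
)


def parse_sshd(line):
    """Parse one sshd syslog line into a normalized event dict (ECS-like names).

    Returns None for lines the parser does not understand, so unparsed input
    is visible to the caller instead of silently dropped.
    """
    m = SSHD_RE.match(line)
    if not m:
        return None
    return {
        "@timestamp": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "host.name": m["host"],
        "event.category": "authentication",
        "event.outcome": "failure" if m["outcome"] == "Failed" else "success",
        "user.name": m["user"],
        "source.ip": m["src"],
        "source.port": int(m["port"]),
        "auth.method": m["method"],
    }


def enrich(event):
    """Enrichment: tag whether source.ip falls inside the assumed internal ranges."""
    addr = ipaddress.ip_address(event["source.ip"])
    event["source.internal"] = any(addr in net for net in INTERNAL_NETS)
    return event


def correlate_bruteforce(events, threshold=5, window_s=60):
    """Correlation rule: >= threshold failures from one source.ip inside window_s,
    followed by a success from the same source. Returns a list of alert dicts."""
    alerts = []
    failures = defaultdict(list)  # source.ip -> timestamps of recent failures
    for ev in sorted(events, key=lambda e: e["@timestamp"]):
        src, ts = ev["source.ip"], ev["@timestamp"]
        # Expire failures that fell out of the sliding window.
        failures[src] = [t for t in failures[src] if (ts - t).total_seconds() <= window_s]
        if ev["event.outcome"] == "failure":
            failures[src].append(ts)
        elif len(failures[src]) >= threshold:
            alerts.append({
                "rule": "ssh_bruteforce_then_success",
                "source.ip": src,
                "user.name": ev["user.name"],
                "failures_in_window": len(failures[src]),
                "source.internal": ev["source.internal"],
                # External sources get a higher severity; internal ones still alert.
                "severity": "medium" if ev["source.internal"] else "high",
            })
            failures[src].clear()
    return alerts


def run_pipeline(lines):
    """Parse, enrich and correlate; returns (normalized events, alerts)."""
    events = [enrich(e) for e in map(parse_sshd, lines) if e is not None]
    return events, correlate_bruteforce(events)


if __name__ == "__main__":
    evs, alerts = run_pipeline(SAMPLE_LINES)
    print(f"parsed {len(evs)} events, raised {len(alerts)} alert(s)")
    for a in alerts:
        print(a)
```

Two design points carry over to a real SIEM: the parser returns `None` rather than a half-filled event, so onboarding a new source lets you measure the unparsed fraction before trusting the dashboards built on it, and the rule keys on normalized fields (`source.ip`, `event.outcome`) rather than on raw message text, so the same correlation logic applies once a second source (for example a cloud audit log) is normalized into the same schema.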

## Benefits

-   25 vacation days and 5 family days yearly
-   Flexible start to the workday
-   Support from a professional corporate coach and psychologist
-   Regular internal and external activities, workshops, trips, and corporate events
-   Access to our internal knowledge base, meetups, and team-building activities
-   Ongoing training in new technologies and continuous professional development support

## Apply

[Apply at Talentgrator](https://apply.workable.com/talentgratorjobs/j/3B67966947/apply)

