Cybersecurity Forensics and Incident Response Analyst
Listed on 2026-07-03
IT/Tech
Cybersecurity
Bosch Cyber Defense has an open position for a passionate, skilled, and experienced cyber forensic and incident response analyst to work as part of the cyber defense team in Pittsburgh, PA, USA. This is a unique opportunity to become part of a global distributed team tasked with protecting the Robert Bosch Group from cybercriminal attacks and threats. We are seeking outstanding professionals to bring new ideas and deep skills of value to Bosch’s cyber defense organization.
These are hands‑on roles in which analysts are expected to dive into cyber security incidents, investigate new attacks and vulnerabilities that affect the global Bosch organization, and proactively consider how to prevent the same type of incident from occurring in the future. The successful candidate will be expected to play a key role in the identification of threats as well as the corresponding response.
Our Security Analysts play a critical role in protecting the organization through activities such as log analysis, incident response, digital forensics, security tooling development, and risk assessment. In this role, you will be expected to perform effectively in high‑pressure situations, think from both an attacker and defender perspective, and help drive timely, risk‑based decisions across technical and business teams. You should be able to balance technical risk with business priorities and communicate findings, impacts, and mitigation strategies clearly to global stakeholders and leaders at different levels.
The ideal candidate brings strong technical depth, practical experience in information security, excellent written and verbal communication skills, a collaborative mindset, and a willingness to continuously learn and apply new skills.
- Must be able to participate in a rotating on‑call schedule and collaborate effectively across geographically distributed teams. Flexibility to work outside normal business hours during critical incidents or emergency situations is essential for success in this role.
- Must be willing and able to travel occasionally to Stuttgart, Germany, approximately 1–2 weeks annually.
- Lead and support digital forensics and incident response activities across the full lifecycle, including triage, investigation, containment, eradication, recovery, and post‑incident reporting.
- Perform live‑system, offline, and remote compromise investigations; collect, preserve, and analyze forensic artifacts such as memory, disk, endpoint, and network evidence in a forensically sound manner.
- Analyze malicious activity, attack techniques, and compromise scope across systems and networks to identify root cause, business impact, and required remediation actions.
- Coordinate response activities across technical and business stakeholders during critical incidents, ensuring clear communication, strong cross‑functional alignment, and effective decision‑making under pressure.
- Prepare clear, audience‑appropriate updates, reports, and executive summaries, and communicate investigation findings, risks, and recommendations effectively, including in high‑pressure situations.
- Collaborate with SOC, Cyber Threat Intelligence, and other cross‑functional teams to improve detection content, workflows, monitoring visibility, and overall response effectiveness.
- Use and enhance investigative capabilities across SIEM, SOAR, EDR, packet analysis, and forensic toolsets, and recommend improvements to security processes, controls, and response capabilities.
- Proactively identify emerging threats, hunt for suspicious activity, and help drive preventive and detective improvements across the enterprise environment.
- Bachelor’s degree in Computer Science, Electrical Engineering, or a closely related field.
- At least 3 years of hands‑on experience in incident response, digital forensics, or a combination of both, excluding certification‑only experience.
- Strong proficiency in Windows environments, including enterprise security controls in Active Directory‑based infrastructures.
- Proficiency in one or more scripting or programming languages such as Python, Bash, or PowerShell to support…