Incident Response Analyst

Trend

AI™, the global AI security leader and enterprise business unit of Trend Micro, empowers organizations with full AI visibility and consolidated security that inspires confidence, drives innovation, and eliminates risk.

This is a hybrid role with a minimum in‑office requirement of 3 days per week in the Las Colinas, Texas office located at 225 E John W Carpenter Fwy #1500, Irving, TX 75062.

As an Incident Response Analyst on the Global Managed Detection & Response (MDR) team, you will build trusted relationships with enterprise customers, translate complex threat data into actionable intelligence, and lead organizations through critical security moments with clarity and control. Working alongside AI systems that accelerate your investigative capabilities, you will compress detection times from hours to minutes, deliver insights that turn incidents into lasting security improvements, and help shape how AI transforms incident response.

• Conduct forensic investigations of security breaches, determine attack vectors, scope, and business impact.
• Lead containment and threat eradication using Trend
  
  AI Vision One™, coordinating with internal teams and customer stakeholders from first alert to resolution.
• Analyze malware and threat components; develop and refine detection rules; generate threat intelligence and IoCs.
• Create executive‑ready incident reports and briefings; recommend security improvements.
• Hunt for advanced threat indicators across customer networks and improve detection logic and fidelity.
• Contribute to automation and AI initiatives that compress response times, reduce analyst burden, and sharpen overall MDR delivery.

• Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or related field.
• 3+ years in security operations with demonstrated expertise in incident response and forensics, malware analysis, and SOC operations or security monitoring.
• Strong written and verbal communication and the ability to translate complex forensic findings to technical and executive audiences.
• Ability to work 24/7 rotating shifts, including nights, weekends, and holidays; willingness to travel when required.

• AI in Practice: familiarity with how AI and automation are reshaping incident response workflows.
• OS & Network Forensics:
  Advanced Windows and Linux forensics (registry, event logs, artifacts, file system analysis).
• Forensics Tools: SIFT Workstation, WinPMEM, dd/dclfdd, Autopsy, Volatility Framework, FTK Imager, Wireshark, Bro/SiLK, Netflow, tcpdump – or similar OS/Network Tools.
• Log Analysis & Correlation: experience with SIEM platforms, syslog analysis, event correlation procedures.
• Malware Analysis: static and dynamic analysis techniques.
• Threat Intelligence: understanding of threat actor TTPs and MITRE ATT&CK framework alignment; experience with threat intelligence platforms.
• Trend
  
  AI familiarity: working knowledge of the Vision One platform or equivalent threat intelligence/XDR platform.

• GCIH (GIAC Certified Incident Handler)
• GCFA / GCFE (GIAC Certified Forensic Analyst / Examiner)
• CISSP or OSCP

Self‑directed learner with aptitude for rapidly mastering new tools and threat landscapes; comfortable working under pressure and in fast‑paced, high‑stakes environments; strong analytical and problem‑solving skills; and ability to collaborate effectively in a global team environment.

• Comprehensive health benefits and paid time off package.
• Pre‑partum, maternity, parental, medical leave, and adoption assistance.
• Mental Health Wellness Program & Annual Wellness Incentive.
• 401(k) with company match.
• Pet Insurance.
• Collaborative and innovative culture.

Trend Micro provides equal employment opportunity for all applicants and employees and does not unlawfully discriminate on the basis of race, color, religion, sex, pregnancy and childbirth or related medical conditions, national origin, ancestry, age, physical or mental disability, medical condition, family care leave status, veteran status, marital status, sexual orientation, or gender identity.

This position does not offer sponsorship for work permit applications or renewals. Candidates must be authorized to work in the U.S. without the need for employment‑based visa sponsorship.