Cybersecurity Incident Response Analyst II
Who We Are
At Avnet, relationships matter. We are a global, FORTUNE 500 technology distributor and solutions company that delivers design, supply chain and logistics expertise to customers at every stage of a product’s lifecycle. Our employees have a front row seat to the latest innovations shaping the world we live in and the future we share. We’re driven to help our customers around the world succeed and we do so by earning the trust of some of the biggest names in technology.
Working at Avnet means being a part of a global team. We work collaboratively and with integrity, doing business the right way. For more than a century, we have partnered together to help our customers, suppliers and teammates realize the transformative possibilities of technology. Experience what’s next at Avnet!
Applicant must be a U.S. Person (for example, a U.S. citizen or lawful permanent resident / green card holder) eligible to access Controlled Unclassified Information (CUI)
Job Summary
We are seeking a hands-on Cyber Incident Response Analyst to join a steadily maturing incident response program. In this role, you will be part of a global team operating in a follow‑the‑sun model across regions, supporting incident response through coordinated handoffs. The team operates on the CrowdStrike platform across EDR, NG‑SIEM, SOAR, case management, and Charlotte AI, working closely with an externally managed SOC to support escalated investigations. As we continue integrating AI capabilities into the platform, lower‑level triage work is handled automatically, allowing analysts to focus on deeper investigation, threat hunting, reporting, and improving how incidents are detected and handled.
Principal Responsibilities
- Incident Investigation: Investigates and responds to escalated cybersecurity incidents, including validation, scoping, containment, and recovery, while determining root cause, scope, and business impact.
- Threat Analysis and Correlation: Analyzes activity across endpoint, network, cloud, and identity systems and correlates data across EDR, SIEM, and other telemetry sources to understand attacker behavior.
- SOC Escalation Support: Serves as an escalation point for SOC analysts by guiding investigations, improving triage quality, and helping ensure consistency in analysis.
- Threat Hunting: Performs proactive threat hunting using structured queries, threat intelligence, and observed activity to identify suspicious behavior beyond alert-driven detection.
- Detection and Response Improvement: Identifies detection gaps and contributes to improving detections, use cases, workflows, and overall response quality.
- Documentation and Reporting: Maintains incident response playbooks, procedures, and investigation documentation, and develops clear incident reports and executive summaries for both technical and non-technical audiences.
- Incident Coordination: Takes ownership of investigative workstreams during complex incidents and, when needed, assumes the role of incident commander until relieved by senior staff.
- Post-Incident Review: Participates in post-incident reviews and contributes to applying lessons learned to improve future detection and response.
- Other duties as assigned
- Investigation Depth: Demonstrates the ability to perform full investigations, including scoping, timeline reconstruction, root cause identification, and impact assessment.
- Tool Proficiency: Experience operating within EDR and SIEM platforms and using multiple telemetry sources to conduct investigations.
- CrowdStrike Experience: Hands-on experience with the CrowdStrike Falcon platform (EDR, NG-SIEM, Fusion, or related modules) and familiarity with Falcon Query Language or LogScale is strongly preferred.
- Threat Hunting Capability: Experience performing proactive threat hunting and identifying activity outside of alert-driven workflows.
- Multi-Source Correlation: Ability to correlate activity across endpoint, identity, network, and cloud systems without relying on a single tool.
- Framework Awareness: Familiarity with MITRE ATT&CK and structured incident response practices aligned to frameworks such as NIST 800-61 Rev. 3.
- Process Improvement Mindset: Experience improving detections, playbooks, or response workflows based on investigation findings and recurring patterns.
- Incident Ownership: Demonstrates the ability to take ownership during incidents and contribute to coordination or leadership of response activities.
- Communication: Strong written and verbal communication skills, including the ability to clearly explain what is happening, what it means, and what needs to happen next during active incidents.
- Collaboration: Ability to work effectively with SOC, engineering, infrastructure, and security teams to investigate and remediate threats.
- Typically 1 to 3 years with bachelor's or equivalent.
- Bachelor's degree or equivalent experience from which comparable knowledge and job skills can be obtained.
- Relevant certifications preferred but not required
Our employees work hard to live our values and help us grow. Our total rewards strategy supports Avnet’s ability to attract, engage, develop, and reward our employees, while promoting a diverse and inclusive environment. We offer competitive compensation and benefit programs — from time away and flexible working arrangements to programs supporting employee well-being and opportunities to give back to your community.
- Generous Paid Time Off
- 401K and Pension Plan
- Paid Holidays
- Family Support (Paid Leave, Surrogacy, Adoption)
- Medical, Dental, Vision, and Life Insurance
- Long-term and Short-term Disability Insurance
- Health Savings Account / Flexible Spending Account
- Education Assistance
- Employee Development Resources
- Employee Wellness, Leadership Development and Mentorship Programs
This position will have access to ITAR product and therefore be authorized to access product. This position requires the employee to be a U.S. Citizen or National, or a lawful permanent resident as defined by 8 U.S.C. 1101(a)(20), or a protected individual as defined by 8 U.S.C. 1324b(a)(3).
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.
Avnet is an Equal Opportunity Employer committed to providing equal opportunities to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex (including pregnancy), age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other characteristic protected by law. This policy of non-discrimination also applies to religious dress and grooming practices. Avnet will accommodate employee religious dress standards and grooming practices that do not result in undue hardship for the Company. If you are interested in applying for employment with Avnet and need special assistance or an accommodation to apply for a posted position contact our Human Resources Service Center at (888) 994-7669.