Incident Response Analyst III

Security Incident Response Analyst (P3) ZoomInfo | US Remote

About the Role

We're looking for a curious, collaborative, and technically skilled Security Incident Response Analyst to join our Threat Detection and Response team. If you're someone who gets energized by solving complex problems, thrives in a team environment, and is always looking for ways to grow and improve, we'd love to hear from you.

This role sits at the heart of how we protect ZoomInfo's people, products, and data. You'll be detecting and responding to threats, building better detection capabilities, and working alongside a team that genuinely believes security is something we do together.

What You'll Do:

Incident Detection & Response Monitor security alerts and events to identify potential incidents, and lead response efforts through containment, eradication, and recovery. Collaboration is core to how we operate and you'll never be navigating a tough incident alone.

Threat Analysis Investigate security threats and vulnerabilities to understand their real impact. Conduct root cause analysis with a focus on learning and improvement, because every incident is a chance to make our environment more resilient.

Forensic Investigation Perform digital forensics to investigate security breaches, gather evidence, and document findings clearly and thoroughly. Your reports will inform decisions at every level of the organization.

Security Monitoring Use SIEM tools to monitor logs and events for suspicious activity, and conduct proactive threat hunts to identify threats before they become incidents rather than just reacting to them.

Detection Engineering Build, test, and maintain detection rules and signatures that identify malicious activity. Continuously sharpen our detection capabilities by incorporating new threat intelligence and emerging attack techniques.

Automation Use low-code/no-code SOAR platforms to automate repetitive tasks, streamline workflows, and free up time for the work that actually requires human judgment.

Collaboration & Communication Partner closely with IT, DevOps, Legal, and other teams to resolve incidents efficiently. Prepare clear, honest incident reports for management and stakeholders, because we value transparency and open communication at every level.

Continuous Improvement Stay current on the evolving threat landscape and bring ideas to the table. We're a team that values curiosity, growth, and a genuine commitment to making things better over time.

What You Bring:

• Solid understanding of cybersecurity principles, the threat landscape, and common attack vectors
• Hands-on experience with security tools such as SIEM, XDR, EDR, and SOAR platforms
• Experience researching, building, testing, and deploying detection rules and searches
• Strong analytical and problem-solving skills with the ability to work through ambiguity and communicate findings clearly
• Prior experience in a security operations or incident response role is required at this level; SaaS environment experience is a plus

Our Team Culture

We operate by a few principles that guide everything we do:

• We grow through challenges. We approach setbacks with curiosity and use them as fuel to build a stronger, more resilient team.
• We win and lose together. There are no lone heroes here. We share credit, share accountability, and have each other's backs.
• Ethics aren't negotiable. We hold ourselves to the highest standard in everything we do, in how we work, how we communicate, and how we treat each other.
• Your voice matters here. This role touches a wide range of security disciplines and we want you to bring your whole perspective to the work. Ideas are welcome from everyone, regardless of tenure or title.

#LI-AP3
#LI-Remote