Cyber Incident Response Analyst

We are the leading provider of professional services to the middle market globally our purpose is to instill confidence in a world of change empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled culture and talent experience and our ability to be compelling to our clients. Youll find an environment that inspires and empowers you to thrive both personally and professionally. Theres no one like you and thats why theres nowhere like RSM.

The Incident Response Analyst is an entry-level cybersecurity professional responsible for supporting the firms Cyber Incident Response Team in identifying analyzing containing and remediating information security incidents. This role is designed for high-potential campus hires who demonstrate strong analytical thinking sound judgment intellectual curiosity and the ability to operate independently in time-sensitive situations.

The analyst will work closely with senior incident responders threat intelligence security operations legal and technology stakeholders to protect firm and client data. The position requires independent thinking disciplined decision-making and the ability to assess risk in ambiguous and evolving scenarios.

Key Responsibilities

Incident Detection and Analysis

• Analyze suspicious activity to determine scope impact and potential business risk
• Escalate confirmed or high-risk incidents in accordance with established playbooks
• Perform basic malware analysis and artifact review

Incident Response and Containment

• Support forensic evidence preservation in accordance with legal and regulatory requirements
• Document timelines findings and response actions in a defensible manner
• Participate in after-action reviews and recommend control improvements

Continuous Improvement

• Contribute to playbook updates and automation efforts
• Participate in tabletop exercises and simulated incident scenarios
• Stay current with emerging threats attacker tactics and defensive strategies

Required Qualifications

Education

Bachelors degree in one of the following or related fields:

• Cybersecurity
• Computer Science
• Information Systems
• Digital Forensics
• Computer Engineering
• Cyber Operations

Preferred Coursework

Candidates should have completed coursework in several of the following areas:

• Network Security and TCP/IP fundamentals
• Operating Systems (Windows and Linux internals)
• Digital Forensics
• Malware Analysis
• Cloud Security (Azure AWS or GCP)
• Incident Response methodologies
• Risk Management frameworks (NIST CSF ISO 27001)
• Legal and regulatory aspects of cybersecurity

Technical Knowledge and Skills

• Understanding of networking concepts including DNS HTTP/S SMTP and firewall fundamentals
• Familiarity with log analysis and security monitoring tools
• Basic scripting ability in Python PowerShell or Bash preferred
• Working knowledge of Windows Linux and Active Directory environments
• Understanding of MITRE ATT&CK framework and common adversary techniques
• Strong documentation and report writing skills

Industry Certifications and Training (Preferred but not Required)

• CompTIA Security
• CompTIA CySA
• GIAC GCIH (GIAC Certified Incident Handler)
• GIAC GCIA (GIAC Certified Intrusion Analyst)
• eLearnSecurity eJPT
• Microsoft SC-200
• AWS Certified Security Specialty

Participation in cyber competitions capture-the-flag events internships in security operations or prior SOC experience is strongly preferred.

Key Competencies

Independent Thinking and Judgment

• Ability to make reasoned decisions under pressure
• Demonstrates discretion when handling sensitive information
• Understands when to escalate and when to investigate further independently

Analytical Mindset

• Strong problem-solving ability
• Ability to correlate disparate data sources
• Attention to detail while maintaining awareness of broader risk implications

Communication

• Clear written and verbal communication skills
• Ability to translate technical findings into business risk language
• Professional presence when interacting with partners legal and client-facing teams

Professional Attributes

• High integrity and strong ethical standards
• Curiosity and desire to continuously learn
• Ability to manage competing priorities in a fast-paced environment
• Team-oriented with the confidence to operate autonomously when required

At RSM we offer a competitive benefits and compensation package for all our offer flexibility in your schedule empowering you to balance lifes demands while also maintaining your ability to serve more about our total rewards at applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs practices or observances; sex (including pregnancy or disabilities related to nursing); gender; sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal state or local law.

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/ is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application interview or otherwise participate in the recruiting process please call us at or send us an email at .

RSM does not intend to hire entry-level candidates who require sponsorship now or in the future. This includes individuals who will one dayrequest or require RSM to file or complete immigration-related forms or prepare letters on their behalf in order for them to obtain or continue their work authorization.

RSM will consider for employment qualified applicants with arrest or conviction records. For those living in California or applying to a position in California please click here for additional information.

At RSM an employees pay at any point in their career is intended to reflect their experiences performance and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including but not limited to education skills work experience certifications location etc. As such pay for the successful candidate(s) could fall anywhere within the stated range.